James Arndt

Always Look a Gift (Trojan) Horse in the Mouth

It could be said that the city of Troy needed to update its antivirus or intrusion detection signatures. Maybe they needed to dust off their acceptable use policy on their SharePoint site? Or did their end users need more security training? Didn’t anyone warn the CEO of Troy that it is dangerous to push the “Enable Content” button on strange horses that show up outside the city wall? If only the city of Troy had a citizen that could have torn apart the Trojan Horse to see what was really going on inside.
The same goes for malicious emails. Someone will report a suspicious email because they think it might be malicious. But how bad is it really? Unless you are able to dig into the email and perform a thorough analysis on its attachments, you’ll never know how bad it is, how it behaves, and what it may be trying to contact.
In this talk, attendees will learn various tools and techniques that can be used to thoroughly analyze a malicious attachment and everything that comes after it. In order to get as many stones as possible, we will want to leave no stone unturned. This information can then be used to look for indicators of compromise throughout your environment.

Ian Sindermann

Unhinging Security on the Buffalo TeraStation NAS

Oftentimes it only takes a small oversight to cause a vulnerability, even when it comes to severe vulnerabilities. The Buffalo TeraStation NAS demonstrates this idea beautifully in that it has a variety of features that do just a tad more than they should. Using these oversights as examples, I’ll provide an overview of the thought processes, mindset, and skills used to turn happy little oversights into happy little shells. There will be an abundance of facepalms and IoT war stories, and if that wasn’t enough, there’s a good chance these vulns will still be unpatched.


Benjamin Brown

More Than Tor: Shining a Light on Different Corners of the Dark Web

When the terms darknet or dark web are invoked, it is almost always in reference to the Tor network, but what about the other extant darknet frameworks? A true understanding of the dark web would be impossible and misleading if it only included the Tor network. In this talk I will expand the field of view to include frameworks such as Freenet, I2P, and OpenBazaar. We’ll take a quick look at the origins and technical underpinnings of these darknets as well as their actors and offerings. I will also discuss the differentiators that set these networks apart from Tor and highlight why they too should be included in modeling our knowledge of the dark web. Audience members will walk away with a fuller understanding of the internet’s hidden corners, the goals of its users, and the technologies that help keep them in the dark.


Vi Grey

Bet You Never Played an NES Game like This: Innovating Under Limitations

We all know someone who has a Nintendo Entertainment System (NES) sitting around collecting dust. The 1980s gaming console was limited in its capabilities, but just how much wiggle room does that leave for mischief? In this talk, Vi Grey will demonstrate how it is possible to innovate under the limitations the NES restricts us with to create new ways a person can interact with a game. You will see NES games that are also fully functioning web pages and ZIP files, console memory dumps that can be opened as JPEG images, game cartridges that secretly contain other entire NES games, and much more.