
Article Categories: PRESS RELEASE: SPEAKER ALERT

PRESS RELEASE: SPEAKER ALERT | October 9, 2014

Alejandro Hernández, Senior Security Consultant for IOActive, to present at BSides Colombia

PRESENTATION:
In the lands of corrupted elves – Breaking ELF software with Melkor fuzzer
PRESENTER(S):
Alejandro Hernández, Senior Security Consultant for IOActive
CONFERENCE:
BSides Colombia
LOCATION:
Chamber of Commerce Bogota Calle 67, Bogota Colombia
DATE & TIME:
October 10, 2014 at 13:00 PM

 

In this presentation, Alejandro will discuss the security risks involved in the ELF parsing process. He will use live demonstrations to show how to exploit functional and security bugs using Melkor.

Melkor, written in C, is an intuitive and easy-to-use ELF file format fuzzer. It mutates the existing data in an ELF sample; however, it does not change values randomly (dumb fuzzing). Instead, it fuzzes certain metadata with semi-valid values through the use of fuzzing rules. In order to have higher code/branch coverage during testing, certain metadata dependencies must be in place. Alejandro will explain how Melkor implements these rules when creating malformed ELF files.

About Alejandro Hernández
As Senior Security Consultant for IOActive, Alejandro Hernández is a security professional with experience in penetration testing, risk analysis, threat modeling, tactical exploitation, open source intelligence, vulnerability development, code review, ISMS design, fuzz testing, security strategies, network traffic analysis, IT compliance auditing, and IT governance. He has worked for Fortune 500 companies in different countries such as Mexico, United Kingdom, South Korea, and the USA. He’s also done SCADA security assessments at industrial plants and other industrial critical infrastructures.

Alejandro is a security enthusiast and autodidact who is motivated to do research and development projects in his free time, focusing on IT security and its weaknesses. He cofounded the hacker magazine ContHACKto, planned content, and contributed articles related to information and network security. He participated in the SANS Toronto, Canada Capture The Flag competition. Over the past years, he has written a couple of articles for the IOActive research blog related to reverse engineering and vulnerability development.

About BSides Colombia
BSides Colombia seeks to develop and share knowledge about information security with the help of the best experts at national and international levels in highly technical subjects in an innovative environment.

About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.

###

PRESS RELEASE: SPEAKER ALERT | October 8, 2014

Jennifer Steffens, Chief Executive Officer for IOActive, to participate in panel discussion at IP EXPO Europe

PRESENTATION:
Is big IT killing innovation, and helping the cyber criminals win
PRESENTER(S):
Jennifer Steffens
CONFERENCE:
IP EXPO Europe
LOCATION:
London, United Kingdom
DATE & TIME:
October 9, 2014 at 13:00 PM

 

Most product development by cyber security vendors is really just old technology in new tins. Genuine innovation is rare. Meanwhile, global IT companies market expensive services and consultancy options to manage the cyber security threat instead of focusing on security R&D.

So where are the affordable technology breakthroughs the information security community desperately needs to defeat cyber crime? If the giant corporations are too big, too bloated to innovate, does salvation lie in the security start-up community? Probably, but are these businesses getting the support they need? Can they succeed in the market, even disrupt the market, before they become acquired and diluted as part of bigger security businesses? This special lunchtime panel, made up of Tech Trailblazers judges, will seek to answer these questions and more.

About Jennifer Steffens
As its CEO, Jennifer Steffens spearheads all aspects of IOActive’s global business operations and drives the company’s strategic vision. Jennifer brings a wealth of industry and business experience to the company, having been an early member of several successful startups.

Earlier in her career, Jennifer was a Director at Sourcefire, where she helped build and grow its run rate from $250K to over $35M in just four years. She helped commercialize the Snort open source intrusion detection and prevention technology and built several service offerings around research initiatives. Prior to joining IOActive, Jennifer came to Seattle to help startup GraniteEdge reinvent itself. While there, she led initiatives to restructure the company and developed a product strategy that ultimately secured two additional rounds of funding. With over ten years of industry experience, Jennifer has held senior management positions at Ubizen, NFR Security, and StillSecure.

Jennifer is a well-respected media source, appearing in InfoSecurity Magazine, SC Magazine, Good Morning America, BBC, Reuters, The Guardian, and CBS News. She has been invited to give keynote presentations at a variety of conferences such as HackInTheBox. Jennifer is a member of EWF, ISSA, and OWASP.

About IP Expo Europe
IP EXPO Europe is Europe’s leading cloud and IT infrastructure event for those looking to find out how the latest IT innovations can drive their business. The event showcases brand new exclusive content and senior level insights from across the industry, as well as unveiling the latest developments in IT.

New for 2014, IP EXPO Europe now incorporates Cyber Security EXPO and Data Centre EXPO. Bringing together 300+ exhibitors and 300+ free to attend seminars all under one roof, IP EXPO Europe is the only must attend event of the year for CIOs, heads of IT, technology experts and engineers.

-###-

PRESS RELEASE: SPEAKER ALERT | September 25, 2014

Joseph Tartaro, Senior Security Consultant for IOActive, to present at BruCON

PRESENTATION:
Cyber Necromancy: Reverse Engineering Dead (Game Servers)
PRESENTER(S):
Joseph Tartaro, Senior Security Consultant for IOActive
CONFERENCE:
BruCON
LOCATION:
Aula Academica of the Ghent University, Ghent, Belgium
DATE & TIME:
September 24, 2014 at 11:00 AM

 

Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers.

In this talk, Joseph will discuss the gruesome details of how he dug through the graveyards of console binaries and the mausoleums of forgotten network protocols – all completed in IOActive’s new state-of-the-art hardware lab – in order to stitch together the pieces necessary to bring his favourite game back to life. Joseph will examine the process of reverse engineering the game’s custom network protocols, from packet logs to low-level disassembly of client code.

About Joseph Tartaro
Joseph Tartaro is an experienced Security Consultant at IOActive, where he proves his talents working with platinum-level clients on network and application penetration. Joseph is highly experienced with wireless security practices, and is passionate about hardware hacking, programming, fuzzing, risk engineering, and all manner of exploitations. As a member of telephreak, he helps manage a VoIP PBX system for free public conferencing and communication. In his off time, he enjoys working on emulations and ROM hacking of retro video games.

About BruCON 
BruCON is an annual security and hacker conference providing two days of an interesting atmosphere for open discussions of critical infosec issues, privacy, information technology and its cultural/technical implications on society. Organised in Belgium, BruCON offers a high quality line up of speakers, security challenges and interesting workshops. BruCON is a conference by and for the security and hacker community.

The conference tries to create bridges between the various actors active in the computer security world, including but not limited to hackers, security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, etc.

###

PRESS RELEASE: SPEAKER ALERT | September 22, 2014

Shane Macaulay, Director Of Incident Readiness for IOActive, to present at VB2014

PRESENTATION:
Killing the Rootkit – Perfect Physical Memory Process Detection
PRESENTER(S):
Shane Macaulay, Director Of Incident Readiness for IOActive
CONFERENCE:
VB2014
LOCATION:
The Westin Hotel, Seattle, Washington USA
DATE & TIME:
September 23, 2014 at 14:30 PM

 

To know if your system has been compromised, you need to find everything that could run or otherwise change state on your system and verify its integrity (that is, check that the state is what you expect it to be). “Finding everything” is a bold statement, particularly when it comes to computer security, rootkits, and advanced threats. Is it possible to find everything? Sadly, the short answer is no, it’s not. Strangely, the long answer is yes, it is. By defining the execution environment at any point in time, predominantly through the use of hardware-based hypervisor or virtualisation facilities, you can verify the integrity of that specific environment using cryptographically secure hashing.

In his presentation, Shane will discuss hypervisor device verifiability, physical memory dump assurances, and how leveraging these techniques combined with process detection can effectively detect TLB (shadow walker) or hardware (UEFI)-based rootkits.

About Shane Macaulay
Shane Macaulay is the Director of Incident Readiness at IOActive, experienced in enterprise-level network and application assessment and consultation. Shane takes a deep, broad approach to security and has worked with every major UNIX distribution, Microsoft platform, and networking operating system. He has contributed to the security community by way of various papers, books, and technical applications, and he has discovered numerous compiler bugs (both native and managed), one of which was used to win the non-obvious source code backdoor contest at DEF CON 2010.

Shane spends considerable time investigating systems-type applications and APTs through reverse engineering, and devising techniques to protect and disrupt them.

About VB2014 
The VB Conference is an annual event at which the brains of IT security from around the world gather to learn, debate, pass on their knowledge and move the industry forward. The event provides three full days of learning opportunities and networking with industry experts and covers all aspects of the global threat landscape.

Whether you are an IT professional charged with defending your organisation’s systems and data or a vendor-based security researcher, VB2014 offers opportunities to learn from the best in the industry, discuss methods and technologies, and build contacts.

-###-

PRESS RELEASE: SPEAKER ALERT | September 11, 2014

Eireann Leverett, Senior Consultant for IOActive, and Matt Erasmus, Security Analyst for TicketMaster, to present at 44CON

PRESENTATION:
Workshop: Switches get Stitches
PRESENTER(S):
Eireann Leverett, Senior Consultant for IOActive, and Matt Erasmus, Security Analyst for TicketMaster
CONFERENCE:
44CON
LOCATION:
ILEC Conference Centre in West Brompton, London, UK
DATE & TIME:
September 11, 2014 at 10:30 AM

 

This two-hour workshop will introduce you to Industrial Ethernet Switches and their vulnerabilities. These switches are used in environments with industrial automation equipment, like substations, factories, refineries, and ports; in other words, SCADA and ICS switches. You will become familiar with how these switches are used and do some light traffic analysis and firmware reverse engineering.

During this workshop, Eireann and Matt will discuss several vulnerabilities and share the methods used to discover them as well as techniques for exploitation. While all the vulnerabilities have been responsibly disclosed to ensure vendors could supply patches, this will be the first time they are discussed publicly.

The workshop will end with an opportunity to get your hands dirty with the switches. Whether you’re an expert or new to reverse engineering, experiencing device exploitation with Eireann and Matt is not to be missed.

About Éireann Leverett
Eireann Leverett is a Senior Consultant at IOActive where he focuses on Smart Grid and SCADA systems. He studied Artificial Intelligence (AI) and Software Engineering at Edinburgh University and went on to get his Masters in Advanced Computer Science at Cambridge. He studied under Frank Stajano and Jon Crowcroft in Cambridge’s computer security group. In between, he worked for five years at GE Energy and did a six-month engagement with ABB in their corporate research department.

About Matt Erasmus
Matt Erasmus is a Security Analyst for TicketMaster, a large ticketing company based in the UK. He engages with the business across various levels including Application Security and Incident Response. In his free time he enjoys wrestling malware, RFID and generally learning something he didn’t know the day before.

About 44CON
44CON is an annual Information Security Conference and Training event taking place in London. Designed to provide something for both the business and technical Information Security Professional, 44CON brings the best in international Security training + speaking (as well as the best of local talent) to the UK at a reasonable cost.

44CON provides access to speakers. At the bigger conferences, getting time with top class security speakers is limited. At 44CON, you have great access to speakers, who are all willing to spend time and talk about their work. This is where interesting partnerships can occur.

###

PRESS RELEASE: SPEAKER ALERT | June 13, 2014

Chris Valasek, Director of Security Intelligence for IOActive, and Charlie Miller, Security Researcher for Twitter, to present at escar Embedded Security in Cars 2014

PRESENTERS: Chris Valasek, Director of Security Intelligence for IOActive, and Charlie Miller, Security Researcher for Twitter
PRESENTATION: Keynote: Automotive Attacks: Present and Future
CONFERENCE: escar Embedded Security in Cars 2014
LOCATION: Ann Arbor Marriott Ypsilanti, Michigan, USA
DATE & TIME: Wednesday June 18, 2014 at 9:15am
INFO: https://www.escar.info/index.php?id=526

 

In recent years, interest in automotive security has grown from automobile manufacturers to consumers and security researchers alike. In their keynote presentation, Chris and Charlie will discuss attacker motives, current attacks, and future attacks against the modern automotive machine. In-car apps, V2V, and V2I communications are creating a complex vehicle environment which needs to be secured from start to finish. Chris and Charlie will consider what security researchers and automotive companies can accomplish by working together.

About Chris Valasek
Chris Valasek is the Director of Security Intelligence at IOActive, an industry leader in comprehensive computer security services. Valasek specializes in offensive research methodologies with a focus in reverse engineering and exploitation. He is known for his extensive research in the automotive field and his exploitation and reverse engineering of Windows. He is also the Chairman of SummerCon, the nation’s oldest hacker conference. He holds a B.S. in Computer Science from the University of Pittsburgh.

About Charlie Miller
Charles Miller is a computer security researcher with Twitter. Prior to his current employment, he spent five years working for the National Security Agency. Miller has demonstrated his hacks publicly on products manufactured by Apple. In 2008, he won a $10,000 cash prize at the hacker conference Pwn2Own in Vancouver, British Columbia, Canada for being the first to find a critical bug in the ultrathin MacBook Air. The next year, he won $5,000 for cracking Safari. In 2009, he demonstrated an SMS processing vulnerability that allowed for complete compromise of the Apple iPhone and denial-of-service attacks on other phones. In 2011, he found a security hole in the iPhone’s/iPad’s security, whereby an application could contact a remote computer to download new, unapproved software. The software could execute any command and steal data (personal or other) using iOS applications’ functions for malicious purposes. As a proof of concept, Miller created an application called Instastock that was approved by Apple’s App Store. He then informed Apple about the security hole and was promptly expelled from the App Store by Apple.

About escar
escar is the leading automotive cyber-security workshop. The escar USA workshop will provide a forum for dissemination of state-of-the-practice approaches to cyber security in the automotive industry, and provide an exchange of ideas for building a cyber security knowledge base in the automotive industry.

-###-

PRESS RELEASE: SPEAKER ALERT | June 4, 2014

Gary van Blerk, Managing Consultant for IOActive, to present at BSides Cape Town

PRESENTER: Gary van Blerk, Managing Consultant for IOActive
PRESENTATION: Leave the Lights On: Home-automation Users Left in the Dark!
CONFERENCE: BSides Cape Town
LOCATION: Dimension Data, Black River Park, Cape Town, South Africa
DATE & TIME: Saturday June 7, 2014 at 15:30pm
INFO: http://www.bsidescapetown.co.za/ 

 

As the security industry adopts terms like “The Internet of Things”, “The Connected World”, and “Always On”, Gary van Blerk would like to take you on a journey through the world of home-automation systems. Many of these systems tout IP interfaces and mobile apps as key differentiators; but as we have learned, not only do they expand feature sets, they also expand attack surfaces. Gary will also discuss issues associated with disclosing vulnerabilities and how researchers and industry can work together more effectively to ensure end users are protected.

Earlier this year Mike Davis, embedded systems security principal scientist for IOActive, took a closer look at the Belkin Wemo home-automation system and discovered a wide range of vulnerabilities, from private key and credential disclosures to haphazard SSL and API validation implementations.

IOActive is also proud to announce it is a Community Sponsor of BSides Cape Town.

About Gary van Blerk
Gary van Blerk, an Information Security Management Consultant for IOActive in South Africa, is an information technology expert with industry experience dating back over 18 years. He has gained his experience in a number of multinational blue chip companies covering a range of industries, including IT consultancy, cellular/GSM market, financial, and legal. Gary has a passion for technology and enjoys trying out the latest new gadgets to see how they work. He is currently completing his masters degree at Rhodes University.

About BSides Cape Town 
BSides Cape Town 2014 is an innovative one-day information security conference, open to the public, and focused on providing an open platform for sharing ideas, insights, and developing longstanding relationships with others in the community. It is a rare opportunity to directly connect and create trusted relationships with key members of the community.

-###-

PRESS RELEASE: SPEAKER ALERT |

Wim Remes, Managing Consultant for IOActive, to present at GISEC 2014

PRESENTER: Wim Remes, Managing Consultant for IOActive
PRESENTATION: How Much Security is Enough?
CONFERENCE: GISEC 2014
LOCATION: Dubai World Trade Centre, Dubai
DATE & TIME: Wednesday June 11, 2014 at 10:00am
INFO: http://www.gisec.ae/ 

 

Over the past decades, we have added layer upon layer of protection on top of our most business-critical applications and infrastructures. While making them more secure, we have unwittingly (and sometimes unknowingly) increased their attack surfaces and added complexity that limits our ability to support, expand, and protect them.

In this talk, Wim Remes will focus on strategies for mapping existing infrastructures and understanding their exposure at a granular level. Drawing from historic examples and real-world experience, Wim will show the audience how to identify weaknesses, measure their potential impact, and integrate security measures in evolving infrastructures.

IOActive will also have a booth (number GP-12) in the exhibition section of the event, where guests can come meet the team and find out more about the company’s service offerings.

About Wim Remes
As a Managing Consultant at IOActive, Wim Remes leverages his 15 years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and building resiliency into their organisations. Wim delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation. Wim has deep expertise in network security, identity management, policy design, risk assessment, and penetration testing. Before joining the IOActive team, Wim was a Manager of Information Security for Ernst and Young and a Security Consultant for Bull, where he gained valuable experience building security programs for enterprise-class clients.

About GISEC
GISEC is the MENA region’s only large-scale information security platform, assembling industry, government and thought leaders to tackle threats, issues and countermeasures. GISEC 2014 is highly focused on addressing security concerns for I.T., Oil & Gas, Banking & Finance, Government, Legal, Healthcare and Telecoms industries. Key industry decision makers have the chance to meet companies providing world-leading solutions across dedicated industry verticals.

-###-

PRESS RELEASE: SPEAKER ALERT | May 30, 2014

Ian Amit, Director of Services for IOActive, and Wim Remes, Managing Consultant for IOActive, to present at Area41

PRESENTER: Ian Amit, Director of Security Services for IOActive
PRESENTATION: Painting a company red and blue
CONFERENCE: Area41
LOCATION: Komplex 457, Zurich, Switzerland
DATE & TIME: Tuesday June 3, 2014 at 10:30am
INFO: http://area41.io/home/ 

 

In this presentation, Ian will focus on red team engagements and why they are gaining in popularity. By way of background, red teams attack something, while the opposing blue team defends. Traditionally, organisations have focused on defense, and many have established highly qualified blue teams. In reality, organisations need the yin and yang of both offensive and defensive measures to truly secure their critical assets against today’s evolving threats. Red team exercises provide an invaluable methodology and process for understanding your weak points from an attacker’s point of view.

Ian’s presentation is geared for anyone charged with protecting real-world assets. Designed to be highly engaging and interactive, Ian will explore relevant scenarios and delve into the dark side of understanding where your most critical assets are open to the greatest risk.

 

PRESENTER: Wim Remes, Managing Consultant for IOActive
PRESENTATION: Threat Modeling? It’s not out of fashion!
CONFERENCE: Area41
LOCATION: Komplex 457, Zurich, Switzerland
DATE & TIME: Tuesday June 3, 2014 at 14:00pm
INFO: http://area41.io/home/

 

It’s been more than a decade since Microsoft brought threat modeling to the attention of development and information security audiences. DREAD and STRIDE, combined with interesting side projects like the Elevation of Privileges card game, remain largely unused despite being offered to the community for free.

In this presentation, Wim will not regurgitate what we already know about threat modeling (there are books for that); rather, he will provide insight into how security professionals can use and apply threat modeling. His practical examples will include decomposing a complex software project, improving scoping efficiency during penetration testing, and educating and supporting developers. Wim’s presentation will reveal the often ignored value of threat modeling and enable the audience to apply it to both offensive and defensive security processes.

About Ian Amit
Ian Amit is Director of Services for IOActive. Ian oversees the northeast US services practice including the financial and healthcare sectors, as well as leading the red team division. Ian brings a mixture of software development, OS, network, and web security to work on a daily basis. He is also a regular guest speaker on Fox Business as well as at leading security conferences around the world (Black Hat, DefCon, OWASP, and InfoSecurity), and has published numerous articles and research material in print, online, and through broadcast media. Ian is one of the founders of the Penetration Testing Execution Standard (PTES), its counterpart – the SexyDefense Initiative, and a core member of the DirtySecurity Crew. Ian holds a Bachelor’s Degree in Computer Science and Business Administration from the Interdisciplinary Center at Herzlya.

About Wim Remes
As a Managing Consultant at IOActive, Wim Remes leverages his 15 years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and building resiliency into their organisations. Wim delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation. Wim has deep expertise in network security, identity management, policy design, risk assessment, and penetration testing. Before joining the IOActive team, Wim was a Manager of Information Security for Ernst and Young and a Security Consultant for Bull, where he gained valuable experience building security programs for enterprise-class clients.

About Area41
Area41 is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place 2nd/3rd of June, 2014 in Zurich. The conference is unique in Switzerland and is organized by DEFCON Switzerland, a non-profit association registered as a Defcon Group with the aim to give experts and professionals a platform to transfer insights into the information security domain and to sensitize users to information security topics. The official conference web site is located at: http://www.area41.io

About IOActive
IOActive is a comprehensive, high-end information security services firm with a long and established track record in delivering elite security services to its customers. Our world-renowned consulting and research teams deliver a portfolio of specialist security services ranging from penetration testing and application code assessment to chip reverse engineering. Global 500 companies across every industry continue to trust IOActive with their most critical and sensitive security issues. Founded in 1998, IOActive is headquartered in Seattle, USA, with global operations through the Americas, EMEA, and Asia Pac regions. Visit www.ioactive.com for more information. Follow IOActive on Twitter: http://twitter.com/ioactive.

-###-

PRESS RELEASE: SPEAKER ALERT | May 28, 2014

Robert Zigweid, Director of Services for IOActive, to present at OWASP Los Angeles

PRESENTATION:
Cloud Security Through Threat Modeling
PRESENTER(S):
Robert Zigweid
CONFERENCE:
OWASP Los Angeles
LOCATION:
Culver City, California, US
DATE & TIME:
May 28, 2014 at 7:00 PM

 

One of the most effective tools developers can integrate into their security development lifecycle programs is threat modeling. In this presentation, Robert will cover how effective threat modeling techniques enable developers to uncover security vulnerabilities before even a single line of code is written. He will then discuss how threat modeling can be applied to cloud environments. Whether you are building a hybrid model, purely commodity cloud, or Virtual Private Cloud (VPC) environment, threat modeling will help identify the attack surface area and potential threat vectors. Finally, Robert will explain to those in attendance that the concept of threat modeling allows developers and operations personnel to address vulnerabilities as new and older enterprises migrate to the cloud.

About Robert Zigweid
As an IOActive Director of Services and an accomplished developer and application tester, Robert Zigweid is responsible for making sure that the performance and quality of engagements are of the highest standard. During an engagement, Zigweid works closely with clients, using his vast experience and array of advanced skills, which cover the creation and analysis of system architecture and threat modeling, to help them pinpoint and solve network and application problems that threaten their business assets and goals.

In addition to his direct involvement on penetration tests, security reviews, and network and application audits, Zigweid contributes to the development of new, robust, and secure systems through his own research and development. His research and the resultant presentations at top industry conferences continue to promote the understanding of application and network security among audiences across the world with varying levels of technical fluency.

Zigweid also helped develop IOActive’s secure coding and Software Development Lifecycle training courses, sharing his profound understanding of industry best practices and guidelines to aid our clients in developing applications capable of resisting both internal and external threats.

About OWASP Los Angeles
The Open Web Application Security Project (OWASP) is a not-for-profit, worldwide organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

The OWASP Los Angeles chapter typically meets on the 4th Wednesday every month for dinner, a great security-related speaker and great networking. We frequently go out for post-talk drinks to socialize and understand what security is really about. Join the movement today!
