Threat Intel Dumpster Diving & A Day in the Life of a Vulnerability Researcher

This is a past event

202 people went

Design Exchange

234 Bay St · Toronto, ON

How to find us

3rd Floor - Exhibition Hall


Details

Hey hackers! Who is excited for the next DEFCON Toronto Meetup? The group for hackers, cyber security professionals, and enthusiasts. We are excited to have you join us for our July meetup at a new venue - Design Exchange's Exhibition Hall, where we will have two fantastic talks.

This month's meetup is sponsored by Trend Micro and in partnership with Design Exchange - Toronto's Design, Tech, and Innovation Hub!

Check them out!

Trend Micro - https://www.trendmicro.com
Design Exchange - https://www.dx.org/

Talk #1

Topic: Digital Dumpster Diving for Threat Intel

Abstract:

Eight years ago, while leading an engagement, Chandra created a stager that downloaded an encoded string from Pastebin. This string would decode to the malware that he was trying to deploy. Websites like Pastebin and Gist are often used by developers and whitelisted at most organizations. Chandra saw an opportunity to exploit this inherent trust to deliver a desired payload. After the engagement, he wondered if other attackers were trying to do the same thing. This was the start of his digital dumpster diving quest. Now there are several campaigns, both sophisticated and unsophisticated, leveraging text dump sites and blogging platforms to deploy their payloads.

Bio:

Chandra Majumdar has been working in the trenches of InfoSec for over 15 years, focused on developing threat detection capabilities. He started hacking back in the dial-up internet days because he did not like running the ISP's custom dialer, which served ads and enforced time limits. His team won a Black Badge at Defcon 19 for winning the badge hacking contest. He founded ByteSec Labs, a boutique security research company. Chandra is also the Co-Founder and CTO of ElevatedPrompt Solutions, specializing in threat intelligence, threat hunting, incident response and penetration testing. In his spare time, he likes to hack the airwaves and IoT and to reverse engineer embedded electronics. He is currently working on an open source man-in-the-middle platform using Orange Pi R1 or NanoPi R1 - https://github.com/elevatedprompt/mitm_toolkit.

Talk #2

Topic: A Day in the Life of a Vulnerability Researcher at the Zero Day Initiative

Abstract:

Have you ever wondered what happens after you submit a report to the Zero Day Initiative (ZDI)? What happens behind the scenes of the Pwn2Own hacking competition? What does an average day of a vulnerability researcher of ZDI look like? This talk is going to answer all these questions and provide a peek into the life of a ZDI vulnerability researcher.

Bio:

Vincent Lee is a vulnerability researcher at Trend Micro's Zero Day Initiative (ZDI) program. His primary role involves performing root cause analysis and determining the exploitability of ZDI submissions. Prior to joining ZDI, Vincent served as a researcher at TELUS Security Labs, where he looked at known security issues to provide detection guidance to a variety of security solution vendors. Vincent has a BASc in Computer Engineering from the University of Toronto and is working towards his CISSP designation. He has previously presented at BSidesTO and at the Mexican and Chilean chapters of the 8.8 security conference, published numerous blog posts on security issues in various enterprise software, and discovered vulnerabilities in products from Microsoft, Adobe, and Hewlett Packard Enterprise.

Is your company hiring? At every DC416 event we give hiring managers the opportunity to do a "Call for Candidates" for open IT, Development, or Cyber Security related roles.

Want to learn more about DC416? Visit our site! http://dc416.com

Missed a DC416 talk? Check out the DC416 archives. https://dc416.com/archives/

Want to give a talk at DC416? Check out our CFP. https://dc416.com/cfp/

Join the conversation on Twitter! Share and follow along with @defcon_toronto

Interested in sponsoring a DC416 event? Check out our sponsors page! https://dc416.com/become-a-sponsor/

Want to join our Slack? E-mail us at [masked]