Now presenting: iSEC Partners Austin Open Forum, holiday edition! Join us on December 18th with a round of presentations sure to please. As always, food and beverages will be provided - please RSVP so there is enough. Also note our venue has changed for this event. See you there!
DATE: December 18th, 2014
LOCATION: TenOak - 409 Colorado Street
Speaking Agenda (order may change but speakers are confirmed)
SPEAKER: Akbar Qureshi - Security Researcher, Sr. Analyst at a Large Oil and Gas Company
PRESO TITLE: Modbus TCP Attacks – Taking down a PLC
PRESO SUMMARY: In this talk I will discuss how Programmable Logic Controllers (PLC) running Modbus TCP can be attacked and taken down. Modbus has no security features which leaves PLCs running Modbus open to malicious command execution. I will also talk about securing PLCs from Modbus attacks.
SPEAKER BIO: Akbar Qureshi is a security researcher with a background in exploit development, malware research, ICS / SCADA security, and incident response. He has turned in bugs at Bugcrowd, ICS CERT, and others. He current works as a Sr. security analyst at a large oil and gas company.
SPEAKER: Jessey Bullock – Senior Security Engineer, iSEC Partners
PRESO TITLE: Too Many Bridges: Active MiTM against wired 802.1x using advanced Linux networking
PRESO SUMMARY: This talk will present a novel technique for leveraging linux network functionality to not only bypass 802.1x protected networks but also actively MiTM victim machines, which has previously been impossible. The talk will present the foundations of some of the more interesting linux networking features as well as explain the common pitfalls and limitations of performing 802.1x attacks. Finally the talk will discuss how to overcome these pitfalls and limitations as well as a demo of performing an active MiTM attack against a victim machine.
SPEAKER BIO: Jessey is a Senior Security Engineer for iSEC Partners, performing technical security assessments for clients across multiple industry sectors including. Coming from this varied background Jessey has a deep understanding of application security, operating systems internals, networking protocols together with practical experience of managing and deploying enterprise-level products and appliances. In a previous life, Jessey worked as a consultant for a multinational security company specializing in NIST CAVP, FIPS, and CC certification processes.
SPEAKER: Daniel Crowley - Security Engineer, iSEC Partners
PRESO TITLE: Jack of All Formats
PRESO SUMMARY: This presentation attempts to provide a general methodology for analyzing various file formats and creating polyglot files, e.g.: files that can be parsed as two different valid files depending on the parser being used. Various general techniques for combining files into polyglots will be presented, and examples of each technique being used in practice will be demonstrated.
SPEAKER BIO: Daniel (aka "unicornFurnace") is a Security Engineer for iSEC Partners. Daniel denies all allegations regarding unicorn smuggling and questions your character for even suggesting it. Daniel has developed configurable testbeds such as SQLol and XMLmao for training and research regarding specific vulnerabilities. Daniel was TIME's 2006 person of the year. Daniel has been working in the information security industry since 2004 and is a frequent speaker at conferences including Black Hat, DEF CON, Shmoocon, and SOURCE. Daniel does his own charcuterie. Daniel also holds the title of Baron in the micronation of Sealand.