• Security Trivia Night (in-person) - SecTalks SYD0x42 (66th)

    # Security Trivia Night
    All skills are welcome

    Want to hang out with some fellow InfoSec enthusiasts, have fun and test your knowledge. Well, here is an opportunity to do that. Join us in the next SecTalks Trivia Night!

    We will be challenging you on the following security topics:
    - Defensive: Incident Response, Digital Forensics, Logging
    - Offensive: Penetrating Testing, Web Applications
    - Mobile and OS
    - Miscellaneous

    How can you participate? Here are some guidelines:
    - We will be running this session in a physical location.
    - We will have teams of maximum 5 people
    - The Trivia will be run on an online quiz platform
    - We will be setting up the teams at the meetup

    # Condition of Entry
    Unfortunately due to lockdown restrictions we have some limitation in this in-person event:

    0. Our venue is 1/3 of usual size. Please RSVP if can really make it.
    1. If you have any COVID-19 symptom, please go an get tested and skip this event.
    2. Everyone must sign-in at the entrance of the venue. Please use your full real name and valid contact detail. No jokes.
    3. Everyone must scan COVID Save QR code using their Service NSW app
    4. Practice physical distancing and hand hygiene throughout the meetup.
    5. No catering and sharing pizza slices. We will finish early and head to an after-party venue.

    # Sponsors
    Amazon Information Security (https://j.mp/3eiTfEC)
    SecDim (https://j.mp/1qgPo0a)
    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ)
    Google (https://bit.ly/2IiKrCm)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.
    To speak at SecTalks, please fill up our CFP form at https://j.mp/sectalkscfp

    4
  • Why election auditing matters in Australia - SecTalks SYD0x41 (65th)

    # Presentation: Why election auditing matters in Australia

    Most Australians think that the election security problems we
    observe in the USA are irrelevant here, because we all vote on paper
    ballots and they are all counted by hand. This is wrong for two
    reasons: not all Australians vote on paper, and not all our paper
    ballots are manually counted.

    I'll start with a survey of election software used in Australia - there
    will be more than you expect. I'll list the counting bugs and
    cryptographic errors we have found over the years, in systems for
    Internet voting and electronic counting. I'll discuss what our
    recently-discovered bugs in the ACT's counting code mean for the wisdom of letting 80% of ACT citizens vote on paperless voting machines running unscrutinised code.

    I'll then move on to some solutions, describing new techniques for
    risk-limiting audits of paper ballots in preferential elections.

    by A/Prof. Vanessa Teague + Joint work with many people including Michelle Blom, Andrew Conway, Chris Culnane, Aleks Essex, Thomas Haines, Alex Halderman, Sarah Jamie Lewis, Olivier Pereira, Philip Stark, Peter Stuckey and Damjan Vukcevic.

    Vanessa Teague is the CEO of Thinking Cybersecurity and Associate
    Prof (Adj.) in the Research School of Computer Science at the
    Australian National University. Her research focuses primarily on
    cryptographic methods for achieving security and privacy, particularly
    for issues of public interest such as election integrity and the
    protection of government data. She was part of the team (with Chris
    Culnane and Ben Rubinstein) who discovered the easy re-identification
    of doctors and patients in the Medicare/PBS open dataset released by
    the Australian Department of Health. She has co-designed numerous
    protocols for improved election integrity in e-voting systems, and co-
    discovered serious weaknesses in the cryptography of deployed e-voting
    systems in New South Wales, Western Australia and Switzerland. She
    lives and works on Wurundjeri land in Southeastern Australia (near
    Melbourne).

    # Sponsors

    Amazon Information Security (https://j.mp/3eiTfEC)
    SecDim (https://j.mp/1qgPo0a)
    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ)
    Google (https://bit.ly/2IiKrCm)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.
    To speak at SecTalks, please fill up our CFP form at https://j.mp/sectalkscfp

    6
  • The seL4 microkernel: Mathematical proof of security - SecTalks SYD0x40 (64th)

    # Presentation: The seL4 microkernel: Mathematical proof of security

    The seL4 microkernel was the world’s first operating system (OS) kernel with a formal, machine-checked proof of implementation correctness. It is still the only capability-based kernel with such a proof, and meanwhile has further proofs about its ability to enforce security, and the proof chain has been extended to the binary code. The functional correctness proof now exists for the Armv7, x86-64 and RISC-V RV64 architectures, and the kernel and its ecosystem is now supported by the seL4 Foundation. In this talk I will provide an overview of seL4 and its verification story and what it means and doesn’t mean, discuss real-world deployments, as well as on-going research on the principled prevention of timing channels.

    by Prof. Gernot Heiser

    Gernot Heiser is Scientia (distinguished) Professor and John Lions Chair of Operating Systems at UNSW Sydney and Chief Research Scientist at CSIRO’s Data61. His research interest are in operating systems, real-time systems, security and safety. He is the founder and past leader of Data61’s Trustworthy Systems group, which pioneered large-scale formal verification of systems code, specifically the design, implementation and formal verification of the seL4 microkernel; seL4 is now being used in real-world security- and safety-critical systems. Heiser's former company Open Kernel Labs, acquired by General Dynamics in 2012, marketed the OKL4 microkernel, which shipped on billions of mobile wireless chips and more recently ships on the secure enclave of all iOS devices. He presently serves as Chief Scientist, Software, of HENSOLDT Cyber, a Munich-based company providing a secure hardware-software stack for embedded and cyber-physical systems. Gernot is a Fellow of the ACM, the IEEE and the Australian Academy of Technology and Engineering (ATSE) and an ACM Distinguished Lecturer

    # Sponsors

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ)
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.

    1
  • SecTalks SYD Ninja Night NN0x0a (11th) Online

    Online event

    # Ninja Night 0x0a (Online)

    ## New player registration
    If you do not have an account on ctf.syd.sectalks.org, please fill up the following form:
    https://bit.ly/ctfregister

    To keep things interesting and using this opportunity to meet new people we'll be re-assigning teams. You will be receiving details of your team login closer to the event.

    # What is Ninja Night

    This is a session where you show off your computer hacking skills or learn a new one. A typical evening goes like this, you join the livestream, the CTF challenge is presented to all the teams, we start doing cool shit and have fun hacking. The objective is to get as many flags as possible in 60 minutes. The first team to get most points wins and will present their way through the challenge in the next session.

    ## Agenda
    1. Intro and walkthrough
    2. Game kick-off
    3. Wrap-up

    ## Challenges
    There will be a good mix of easy and difficult challenges. Categories are: Binary Exploitation, Crypto, Web and RE (so far)

    ## Be prepared
    1) Have a computer with reliable Internet connection.

    B) Have a hypervisor software, e.g. VMWare player, Virtual box. It may be necessary for running some CTF challenges.

    3) Based on the number of participates for the CTF, the group may be divided into teams. PREPARE TO MAKE NEW FRIENDS. We will try to team up beginners with gurus. Those that want to go solo are still welcome to do so.

    4) This is a learning exercise for everyone. The idea is to think about problems, make friends and have fun. Don't treat it like a competition. If this is your first time participating in a CTF, check out SecTalks CTF 101 presentations https://www.sectalks.org/ctf101/

    5) The winner is the first team who scores the most. The winner will win the praise and admiration of fellow attendees. Gentle prods and hints will be offered during the session to move things along if people get stuck. The goal is to learn, not to beat your head against a wall for days on end.

    6: Have fun. Learn. Mentor if you are able to. Participate, or just social. This is supposed to be a fun, learning event for the security and hacker community.

    ## Notes
    1. Questions can be posted on YouTube Live Chat
    2. Hints will be posted on Live broadcast.
    3. Create a private chat channel (e.g. with Slack) and invite all your team members.

    # Sponsors
    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ): Senior Product Security Engineer
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked]

  • SecTalks SYD0x44 (63rd) - a casual catch-up

    Untied

    It has been a while since we've got together!

    Let's start SecTalks SYD 2021 with a casual catchup at our usual rooftop bar.

    While practising social distancing, we grab some (soft-)drinks and chat about our plan for 2021. Let throw some ideas on what we should do, any new thing to try? anyone to invite as speaker? CTF? ...

    It is a great chance to see new and familiar faces and also meet our new organising team.

    We haven't do any booking as most venues asked us for per person fee. They seem to have lots of cancellation so they didn't accept our booking without a fee. They told us we can still walk in and enjoy their roof-top bar. If it is full, there are some nearby places that we can head too.

    Join us.

  • SecTalks SYD0x43 (62nd) - Whack-a-Meltdown: a Micro-Architectural Game

    # Call for Volunteers and annual feedback

    In a year that most events were cancelled, we consistently host SecTalks every month. Thanks to our organising team and your supports! In 2021, we need your help. We are looking for volunteers, speakers, sponsors, and your feedback.
    Please use the following form to share your thoughts and interests.
    https://forms.gle/TR5m5fgJ3vvJMxV1A

    # Presentation: Whack-a-Meltdown: a Micro-Architectural Game

    Out-of-order execution is a processor feature that allows varying the order of instruction execution to increase CPU utilisation. For two decades, out-of-order execution has been considered a harmless performance enhancement. However, the Meltdown attack demonstrated a weakness in implementations of out-of-order execution that allows adversaries to bypass the security guarantees of the processor.

    Countermeasures for Meltdown have been published concurrently with the attack's public disclosure in early 2018., However, further variants of the Meltdown attack demonstrated that these countermeasures are limited. Since then, the cycle continues. Existing countermeasures are overcome with newer attack variants, requiring newer countermeasures, which are again proven insufficient.

    This presentation reviews the history of Meltdown attack variants and proposed countermeasures. It identifies a core cause for all Meltdown-like vulnerabilities, and argues that as long as proposed countermeasures address symptomatic effects rather than this core cause, the Whack-a-Mole game we have witnessed over the last three years is likely to continue.

    by Dr. Yuval Yarom

    Yuval Yarom is senior lecturer the School of Computer Science at the University of Adelaide and a Researcher at Data61, CSIRO. His main research interests are computer security and cryptography, with a current focus on microarchitectural attacks and their mitigation. He received his PhD from the University of Adelaide and an M.Sc. and a B.Sc. from the Hebrew University of Jerusalem.

    # NN0x0A CTF walkthrough and NN0x0B CTF challenge - stay tuned for confirmation.

    # Sponsors

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ)
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.

    1
  • SecTalks SYD0x42 (61st) - Software Security in the Presence of Faults

    # Presentation: Software Security in the Presence of Faults.

    Software security is usually concerned with issues like buffer overflows,
    SQLI, integer overflows, format string vulnerabilities, and the usual OWASP
    top ten catalogue. What's rarely considered is its behaviour in the presence
    of faults which, combined with security-related code and in particular
    cryptography that's horribly sensitive to faults, leads to problems when the
    software is deployed into environments where faults are not only expected but
    a normal part of operations. This talk looks at situations where faults
    arise, and the range of software measures that can be used to defend against
    them affecting security-critical code.

    by Dr. Peter Gutmann

    Peter Gutmann is a researcher in the Department of Computer Science at the University of Auckland working on design and analysis of cryptographic security architectures, security usability, and embedded systems security. He helped write the popular PGP encryption package, has authored a number of papers and RFC's on security and encryption including serving as the last editor of the world's longest-running security RFC, RFC 8894, and is the author of the open source cryptlib security toolkit, "Cryptographic Security Architecture: Design and Verification" (Springer, 2003), and an upcoming book "Engineering Security". In his spare time he pokes holes in whatever security
    systems and mechanisms catch his attention and grumbles about the lack of consideration of human factors in designing security systems

    # Presentation: NN0x09 CTF walkthrough

    # CTF challenge
    This month we combine Ninja Night and presentation into the same session. Right after the presentation, the 60min CTF challenge will be presented. To prepare follow the instruction on https://www.meetup.com/SecTalks/events/272951864/

    # Sponsors
    Check out our sponsors job opportunities.

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ): Senior Product Security Engineer
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.

    1
  • SecTalks SYD Ninja Night NN0x09 (10th) Online

    Online event

    # Ninja Night 0x09 (Online)

    ## New player registration
    If you do not have a team on ctf.syd.sectalks.org and would like us to
    assign you a team, please fill up the following form:
    https://bit.ly/ctfregister

    Otherwise, login to the CTF dashboard and then login to your previously created team.

    # What is Ninja Night

    This is a session where you show off your computer hacking skills or learn a new one. A typical evening goes like this, we rock up at the -venue-, get randomly assigned to a team, or use our previous teams, CTF challenge is presented to all the teams, we start doing cool shit and have fun hacking. The objective is to capture the flag in 60 minutes. The first team to solve the challenge wins and will present their way through the challenge in the next session.

    ## Agenda
    1. Team generation
    2. Game kick-off: There will be two CTF challenges, one for beginners and one for experienced players.
    3. Wrap-up

    ## Note
    Challenges will be in Cryptography category, crypto algorithms and implementations.

    ## Be prepared
    1) Have a computer with reliable Internet connection.

    B) Have a hypervisor software, e.g. VMWare player, Virtual box. It may be necessary for running some CTF challenges.

    3) Based on the number of participates for the CTF, the group may be divided into teams. PREPARE TO MAKE NEW FRIENDS. We will try to team up beginners with gurus. Those that want to go solo are still welcome to do so.

    four: This is a learning exercise for everyone. The idea is to think about problems, make friends and have fun. Don't treat it like a competition. If this is your first time participating in a CTF, check out SecTalks CTF 101 presentations https://www.sectalks.org/ctf101/

    V- The winner is the first team who solves the challenge. The winner will win the praise and admiration of fellow attendees. Gentle prods and hints will be offered during the session to move things along if people get stuck. The goal is to learn, not to beat your head against a wall for days on end.

    6: Have fun. Learn. Mentor if you are able to. Participate, or just socialise. This is supposed to be a fun, learning event for the security and hacker community.

    ## Notes
    1. Questions can be posted on SecTalks Sydney Slack or on YouTube Live Chat
    2. Hints will be posted on Slack and Live broadcast.
    3. Create a private chat channel and invite all your team members.

    # Sponsors

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ): Senior Product Security Engineer
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked]

    5
  • SecTalks SYD0x41 (60th) - CovidSafe App Security

    Online event

    # Presentation: an approach to reviewing the CovidSafe App.

    As the CovidSafe app was released to Australia, several researchers around the country (and indeed the world) dived head first into breaking down the Application & its supporting environment. This talk looks to recount the author's process of research, observations to the environment at the time and experience diving in. The focus of this talk will be on technical observations, the importance of POC||GTFO and the importance of "the sectalks doctrine" in debunking & dealing with ungrounded views.

    by Edward Farrell is a security consultant with over ten years’ experience in information security and fifteen years’ experience in the IT industry. As the director of Mercury ISS, one of Australia’s few remaining independent security firms, he has conducted or overseen the delivery 400 security assessment activities and incident responses in the past 5 years. His professional highlights include lecturing at the Australian Defence Force Academy, being rated in the top 200 bug bounty hunters in 2015 and running a badarse team of security professionals.

    # CTF
    Keep an eye out for our next Ninja Night.

    # Sponsors
    Check out our sponsors job opportunities.

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ): Senior Product Security Engineer
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.

  • SecTalks SYD0x40 (59th) - Container Runtime Security

    Online event

    # Presentation: Container Runtime Security - why path resolution keeps me up at night

    One of the many things Linux containers share with the host operating
    system is the in-kernel VFS layer. This means that paths and objects
    inside containers and on the host aren't really differentiated by the
    kernel. Most container breakouts to date (aside from the ones where we
    made bone-headed configuration mistakes) take advantage of this
    "feature" in some way or another.

    As such, it's probably a good idea to discuss how these types of
    exploits have worked historically, what kinds of exploits I expect to
    see in the future, and what I've been working on to hopefully eliminate
    them as a class of vulnerabilities. While most of this talk is related
    to container runtimes, the underlying path resolution attacks likely
    impact most programs that operate on attacker-controlled directories.

    by Aleksa Sarai is a core developer and maintainer of runc and umoci,
    contributor and maintainer of Open Container Initiative specifications,
    and a Linux kernel contributor. He works on the containers team at SUSE, maintaining various core parts of the lower levels of the containers
    stack and related software for both SUSE Linux Enterprise and openSUSE; he is also committed to working in the open, and is a strong proponent of Free Software..

    # CTF
    Keep an eye out for our next Ninja Night.

    # Sponsors
    Check out our sponsors job opportunities.

    PWC (https://pwc.to/2FcpqF4)
    Atlassian (https://j.mp/313gJJZ): Senior Product Security Engineer
    Google (https://bit.ly/2IiKrCm)
    SecDim (https://j.mp/1qgPo0a)
    Amazon Information Security (https://j.mp/3eiTfEC)

    For sponsoring SecTalks Sydney, Please contact [masked] for more detail.