BSidesLV has ended
Thank you for joining us for our 5th Anniversary celebration! We certainly hope you enjoy the conference. Here’s to Education, Collaboration, and Community!

Remember, we don’t take ourselves too seriously and you shouldn’t, either! To quote the old motto of another collaborative community, "We trick into learning with a laugh".

We wish you both laughter and learning - and lots of both!

-= Team BSidesLV 

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Proving Ground [clear filter]
Tuesday, August 5

11:00 PDT

#edsec: Hacking for Education
Every day, endless consumer and educational technologies provide learning opportunities in classrooms across the planet. We already live in a world where every moment of a child’s life can be recorded with metadata attached-- but what if sensitive education data became part of metadata profiles, too? While there has been a recent massive influx of investment and resources into education technology, few schools have the appropriate resources to build secure infrastructure for sensitive student data, and few education technology companies take the challenge of securing student information seriously. This talk will examine the current state of (in)security in schools and in the education technology industry that leaves sensitive student data and private information exposed for anyone with a basic understanding of hacking to exploit. In addition to exposing the gaping security holes and lack of minimum encryption standards in educational technology, it will focus on ways that hackers, technologists and parents can advocate for more security protections that will keep the private data of children safe and sound.

avatar for Jessy Irwin

Jessy Irwin

Security + Privacy Communications
Jessy is a marketing communications professional working in security in San Francisco. She is an outspoken advocate for stronger privacy and security protections in education technology, and spends as much time as possible teaching educators about online privacy + security. She regularly... Read More →

Tuesday August 5, 2014 11:00 - 11:30 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

11:35 PDT

So, you want to be a pentester?
So, you've gone to a bunch of conferences, and you've seen the movie Swordfish, and now you think you want to be a super l337 h4x0r, right? This will be a fast-paced, comedy-driven reality check for aspiring pro hackers and others hoping to jump in to infosec as a career.


Heather Pilkington

Heather has been in information security for more than ten years. From help desk and change management to incident response and threat and vulnerability management, this is her first full year as a paid penetration tester. But, based on research, conversations with other pros, and... Read More →

Tuesday August 5, 2014 11:35 - 12:05 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

12:10 PDT

Securing Sensitive Data: A Strange Game
Information security compliance regulations like PCI, HIPAA, SB1386 have been around for many years now, but we continue to suffer large data breaches. In this talk, an experienced PCI QSA will discuss why even the best efforts at compliance fail to prevent breaches, provide examples from the field of what goes wrong despite these best efforts, and how to win by not playing - by getting the sensitive data the thieves want out of your environment.


Jeff Elliot

Jeff Elliot is an Associate Director at Protiviti, where he is responsible for delivering Information Security services to many of Protiviti's largest clients. With seven years as a PCI QSA, and as the "Primary Contact" for Protiviti with the PCI Council, Jeff leads or consults on... Read More →

Tuesday August 5, 2014 12:10 - 12:40 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

14:00 PDT

Brick in the Wall vs Hole in the Wall
If (school < hackerspaces) && (textbooks < wikipedia) Then While (self-motivated = true){ experiment; }

If knowledge is power, then schools make us dumb and docile. Hackers know that we learn by doing -- by asking the inappropriate questions, breaking the rules, and being too stubborn to fail. Ironically, educational theorists in ivory towers also know this -- and they are all terrified of the future. Learn how we keep them scared.


Caroline D Hardin

Caroline D. Hardin worked as a programmer before serving 3 years in the Peace Corps where she taught IT in high schools and teacher training colleges. She returned to the US work as Program Chair of IT and adjunct professor at career colleges. Realizing that our educational model... Read More →

Tuesday August 5, 2014 14:00 - 14:30 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

14:35 PDT

Cut the sh**: How to reign in your IDS.
Intrusion detection systems, Network Security Monitoring. All too often, these countermeasures are portrayed as the ‘boy who cried wolf’, the magical box with blinking lights that does nothing but get the checkbox from $COMPLIANCE_AUDITOR, or that data that gets logged to your magical SIEM somewhere, and is never heard from again. I’m here to show you how to actually cut the shit on your IDS, get actionable intelligence, and make yourself the hunter, instead of the hunted.

This talk will primarily be focused around Snort and Suricata, since for the sake of this talk, they operate about the same, and they are where I got most of my battle scars. I’ll also be introducing resources for standing up your own sensors quickly, and cutting the shit rapidly.


Tony Robinson/da_667

Tony Robinson (@da_667) was a born and raised Detroiter. His background in IDS came from the school of hard knocks at Sourcefire (now a part of Cisco) as both a Technical Support Engineer, and Professional Services Consultant. He now works for a large, un-named power company, actively... Read More →

Tuesday August 5, 2014 14:35 - 15:05 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

15:10 PDT

Geek Welfare -- Confessions of a Convention Swag Hoarder
Have you ever had to justify to your company why you had to go to that expensive conference and give away all that swag — or why you came back with so much of it? Tired of explaining who “HardOn Soft” is when clients see their coffee mug on your desk? Who needs that many XXXXL T-shirts, anyway?!

Guess what — that’s all money that’s flying out of those companies’ hands with almost no return on investment (ROI)! Even worse, with so many ways to repurpose and repackage 90% of the swag out there, they can’t even claim they’re generating brand awareness!

Learn from a self-diagnosed Swag Hoarder on how to avoid your company wasting its hard-earned money on swag no self-respecting person would use (without a few “alterations”) — or if you’re just another face in the crowd, how to exploit what other companies are up to both by figuring out how to make sure of all the crap- er, ‘promotional material’ they give you, as well as how to win an iPad or other great prizes! (No, I won’t be GIVING one out at this talk, but there are tricks that will make it a lot easier for you to get one at your next big trade show!)

avatar for Rachel Keslensky

Rachel Keslensky

Usability Specialist, Dynamic Marketing Systems
A force from the Southeast Hacker Convention scene, Rachel has picked up plenty of unusual knowledge both from her formal education as well as what she’s picked up on her own from working on her creator-owned graphic novel series, Last Res0rt.Rachel has two degrees from the Georgia... Read More →

Tuesday August 5, 2014 15:10 - 15:40 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

15:45 PDT

No InfoSec Staff? No Problem.
Every IT organization accessing sensitive data, regardless of their size, must protect that data. Otherwise, your company is exposed to unacceptable risk. However, since cyber attacks on small and medium size businesses (SMB’s) rarely make headlines, it is easy for these IT organizations to develop a false sense of security. Information security is becoming increasingly challenging as both IT complexity and the threat landscape are evolving at an accelerated pace. During this presentation, I will share my methodology, including key, actionable recommendations to help you meet the challenge and manage your IT risk.


Anthony Czarnik

Experience on in-house IT teams, independent consulting and as a software vendor, Anthony Czarnik has developed a 360 degree perspective of Information Technology and Security. His professional roles include solutions architect, application developer, project manager, information... Read More →

Tuesday August 5, 2014 15:45 - 16:15 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

16:20 PDT

Can I Code Against an API to Learn a Product?
“Can I learn how to use the product my company sells by interfacing with its API?”

That was the question I asked myself when I started at OpenDNS in the marketing department. Having learned and used Python in business school, I decided to create an application that would monitor my organization’s DNS queries and email me a daily list of all new domains.

This talk walks you through my journey of re-familiarizing myself with Python, interoperating with a new product’s API, and massaging the results into a daily alert. The end goal: to create something useful to reference for future development, to learn about the API, and to impress my colleagues - many of whom have no idea that I’m doing this in the first place.

In my talk, I will provide examples of my logic, coding decisions, and any other stumbling blocks I ran into along the way in the hopes that attendees will take the plunge and hack away at something cool to further their knowledge.


Adrienne Merrick-Tagore

Adrienne Merrick-Tagore is a unicorn - but by day, she works as Product Marketing Manager at OpenDNS. Prior to joining OpenDNS, she worked in Marketing at WhiteHat Security. Before WhiteHat, she worked in several roles in the Financial Services industry, including Product Management... Read More →

Tuesday August 5, 2014 16:20 - 16:50 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

16:55 PDT

Bridging the Air Gap: Cross Domain Solutions
For years the government has been using CDS to bridge networks with different classification levels. This talk will focus on what CDS systems are, how they’re built, and what kind of configurations are common in the wild. Furthermore, we’ll look at testing techniques to evaluate the security of these systems and potential ways to exploit holes in configuration and design. We’ll also look at the ways the commercial world might benefit from a data and type-driven firewall as well as some of the downfalls and negative aspects of implementing a cross-domain system.


Patrick Orzechowski

Shifty is a veteran of over a decade in the infosec industry, some computer science schooling, dozens of conferences, and multiple brain-arcings. His particular area of interest is data-driven security, whether it’s mining actionable intel from mountains of metadata or protecting... Read More →

Tuesday August 5, 2014 16:55 - 17:25 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

17:30 PDT

Back Dooring the Digital Home
This talk will cover a high level vulnerability analysis of a modern digital home security system, which includes technologies such as an android touch screen, wireless motion sensors, cameras, zigbee components, mobile application(s), digital door locks, and thermostats.


David Lister

David has been active in many areas throughout the past 15 years, including roles as a sysadmin, developer, network engineer, firewall guy, appsec dude, and pentest monkey. He holds a Master's degree in Infrastructure Assurance, along with certifications such as OSCP, CCISO, CISSP... Read More →

Tuesday August 5, 2014 17:30 - 18:00 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV
Wednesday, August 6

10:00 PDT

iOS URL Schemes: omg://
Have you ever clicked a phone number in Safari to get the phone app to call that store/car dealership/pizza place you were searching for?

In iOS, this interaction between apps happens via URL schemes, which are available to Apple applications as well as third party applications. Everyone uses them without noticing they exist. They are the most flexible of the imperfect methods available right now.

They are, however, a source of user input that should never be trusted as safe. In this presentation, we will look at real life examples of implementations of URL Schemes that could lead to issues such as destruction of data or help a malicious person identify an iOS user.

We will also look at simple ways to improve URL Scheme security for users of your apps as well as how to find URL Scheme vulnerabilities, for the ones out there who would like to help out.

avatar for Guillaume Ross

Guillaume Ross

Security Researcher, Uptycs
Guillaume is a security researcher for Uptycs, a security SaaS leveraging the power of Osquery as a cross-platform agent. He researches the best ways to secure systems, as well as to detect malicious activity occurring on them. He has presented and gotten in trouble at AtlSecCon before... Read More →

Wednesday August 6, 2014 10:00 - 10:30 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

10:35 PDT

Oops, That Wasn't Suppossed To Happen: Bypassing Internet Explorer's Cross Site Scripting Filter
There's a problem with Internet Explorer's anti-Reflective Cross Site Scripting filter. A problem Microsoft knows about, but has decided not to fix. Drop on by and learn a method for bypassing the anti-XSS filter in all versions of Internet Explorer.


Carlos Munoz

Carlos Munoz still considers himself relatively new to the world of Information Security, coming from the field of Mechanical Drafting & Design. For the past two and a half years he has focused on Web Application vulnerability assessment and light penetration testing,

Wednesday August 6, 2014 10:35 - 11:05 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

11:10 PDT

What I've Learned As A Con-Man
This is a presentation of case studies from past experience and what I have learned from each case in regards to social engineering and the Human Psyche.

avatar for Master Chen

Master Chen

VoIP Administrator, Stimulus Technologies
Techno-enthusiast. Hacker. Student of Life. Teacher of Shaolin.

Wednesday August 6, 2014 11:10 - 11:40 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

11:45 PDT

Training with Raspberry Pi
One of the biggest questions facing people trying to learn how to hack is “How do you practice without committing a felony?” Wi-Fi is one of the easiest things to break, but it still requires practice to be proficient. To practice, you can either go after a random Wi-Fi network or you can create your own target network. Using an old router is fine, but the passcode has to be changed manually. A Raspberry Pi was turned into a Wi-Fi access point using Hostapd. The goal was to create a hackable target that changes the access code every time it boots.

The Hostapd configuration file has an issue where you cannot store the WEP Key as a variable and then call that variable when the key is defined. This prevents urandom from being used to create a random key. A shell script was written to create the config file every time the Pi boots. This allows for the creation of a random key that can be inserted into the config file before hostapd loads. For verification purposes, the key is logged with creation date and time in a separate monitoring file.

To increase the training benefits of using the Pi platform, a web server was added and vulnerable web apps are hosted. This creates a training platform where both Wi-Fi and web app hacking can be practiced. The ultimate goal is to have a device where you break the Wi-Fi, gain root on the Pi, and force it to reboot. Once it reboots, a new passcode is in place, and the process must start all over. This way, the challenge stays fresh and engaging, and previously collected key material cannot be reused.

avatar for Nathaniel Davis

Nathaniel Davis

Nathaniel has worked in the field for more than six years. He started in policy, moved into network architecture and now work incident response. His interest in hacking has always been there, but it really started in earnest after wanting to understand how the security threats worked... Read More →

Wednesday August 6, 2014 11:45 - 12:15 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

12:20 PDT

Black Magic and Secrets: How Certificates Influence You!
Public key certificates are becoming more and more prevalent in software. These certificates are used in more places than just protecting web connections over HTTPS. They are used for authentication, trust, identification and secret trading within apps, behind firewalls and even between services. But, these black magic cryptography tools are only as secure as the code that implements them! Come see how bad practices, designs and testing habits can leave systems vulnerable and prone to exploitation!

avatar for Robert Lucero

Robert Lucero

Software Engineer in Test
Robert Lucero is a physics major turned software developer. He has nine years of software development experience working on various projects at Microsoft and more recently at Okta. There’s more stuff on his LinkedIn profile, but he’ll probably tell you more over a beer.

Wednesday August 6, 2014 12:20 - 12:50 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

14:00 PDT

Attacking Drupal
Drupal is a very popular content management system that has been widely adopted by government agencies, major businesses, social networks, and more -- underscoring why understanding how Drupal works and properly securing these applications is of the utmost importance. This talk focuses on the penetration tester's perspective of Drupal and dives into streamlining the assessment and remediation of commonly observed application and configuration flaws by way of custom exploit code and security checklists, all of which are open-source and can be downloaded and implemented following the presentation.

avatar for Greg Foss

Greg Foss

Principal Threat Researcher, Carbon Black
Greg Foss is LogRhythm’s head of Global Security Operations and a Senior Researcher with Labs – tasked with leading both offensive and defensive aspects of corporate security. He has just under a decade of experience in the information security industry with an extensive background... Read More →

Wednesday August 6, 2014 14:00 - 14:30 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

14:35 PDT

Hackers vs Auditors
A view into what hackers are about and what auditors are about, comparison and contrasting.


Dan Anderson

President, ISACA Utah Chapter
Dan Anderson has spent his life developing and implementing communications between systems and developing systems and applications in Military, Healthcare, and Mining. First, for the USAF, working on Navigation Systems on various aircraft, then in the Gold Mining industry for RTZ/Kennecott... Read More →

Wednesday August 6, 2014 14:35 - 15:05 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

15:10 PDT

Third-Party Service Provider Diligence: Why are we doing it all wrong?
The demands of Third Party Service Provider vendor due diligence and compliance management are growing rapidly in light of increased emphasis on these programs by regulators as well as outsourcing to reduce operational costs. Historically vendor diligence programs have not adequately and consistently addressed proactive identification of potential risks, ongoing competence of third party service provider, and production of a vendor management program that truly aligns with business strategies, identifies the risks commensurate with the complexity of the business environment, and produces a clear measure of the effectiveness of the provider.

In addition, service providers suffer under the burden of the sheer number of diligence questionnaires, lack of consistency in them, inconsistent workload, and resource conflicts with compliance and sales efforts. Diligence response is potentially labor intensive with the possibility of providing no return on the investment.

Aimed at third party service providers and businesses with vendor diligence programs, this presentation looks at case studies from real service providers and their customers to exemplify the ways that traditional vendor management fails to meet the objectives of today’s business and the regulatory environment. It then proposes a means to rectify these failures and evolve vendor due diligence programs to the next step. Participants will learn how to establish the goals of the vendor diligence program, understand the scope of the product and its potential impact on their environment, define a central body of knowledge, address only what is important, and iteratively evolve their diligence process to provide a more valuable product in less time.


Patrice Coles

Patrice Coles works for a large service provider with multiple products lines where she manages compliance and customer vendor due diligence response. Her areas of expertise include building and growing compliance and vendor response programs from scratch for startups, service providers... Read More →

Wednesday August 6, 2014 15:10 - 15:40 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

15:45 PDT

Pwning the hapless or How to Make Your Security Program Not Suck
Pwning the hapless or How to Make Your Security Program Not Suck

Customer data is our business. Whether within the financial or healthcare industries, the root of our business is to safely house and transmit information to and from trusted parties.

With the growing demand of increased access – in healthcare, from providers, employees, visitors and patients, from a variety of devices, increased federal enforcements of privacy and security requirements under the new HIPAA Omnibus Rule, there is an ongoing challenge of ensuring patient and customer information is adequately protected.

Numerous breaches within both the healthcare and financial fields have involved lost or stolen unencrypted devices, but mistakes by employees continue to be the biggest security threats to all businesses. Even tech-based companies are shown to be at risk for various social engineering attempts.

Why do these breaches keep happening? How can you, as an IT professional, or merely an employee with the safety of your customers’ data a concern, help your business create useful prevention strategies that employees will pay attention to? How do you train your non-tech employees to not be susceptible to social engineering attacks?

Emily, an insurance professional with ten years experience of working for 3 of the 5 biggest US disability insurance companies, and Casey, a Security Engineer with history working for commercial financial firms, will explore the unawareness non-tech employees have of their actions, discuss useful training and resource organization and allocation. We will walk through a few scenarios (the successful and non) and discuss what we have learned from human behavior and how it can apply to enforcing security policies or creating a culture of care.

Technical solutions will not be discussed specifically, as the focus will be on employee awareness, education and how we can do better.

By working through a few scenarios that we have personally encountered, we will address the topics of

- “Why To Care” – Problems with people caring about security
- Testing your people
- Getting the peons out of the loop
- Rewarding Security Efforts


Casey Dunham

Casey Dunham, is currently a Security Engineer with Bigelow Laboratories in Booth Harbor, ME. He also runs his own security consultancy, Gnosis Security, Inc. His InfoSec history includes working for commercial financial firms and volunteering at numerous regional and national InfoSec... Read More →

Emily Pience

Emily Pience is currently a Clinical Innovation Specialist with [redacted name of major American health and medical insurance company]. She has never worked in InfoSec but was raised by an Electrical Engineer in the cable industry, and believes herself to be a bastard of the engineering... Read More →

Wednesday August 6, 2014 15:45 - 16:15 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

16:20 PDT

Teach a man to Phish...
"When the world ends, the only things that will be left on earth will be cockroaches, Twinkies, Keith Richards, and Phishing emails. With easy access to free and low cost cloud services, the Phisher’s job is easier than ever. This session will shed light on the number, variety, and complexity of Phishing emails in an effort to explain why they have not disappeared and why things will get far worse before they get better.

Data from OpenDNS’ PhishTank will be collected, analyzed, and presented to reinforce just how serious the Phishing problem is and how you can help Vinny punch a Phisher in the face by joining the growing community."


Vinny Lariza

"As the OpenDNS Community Moderator, Vinny LaRiza does a lot more than swing the banhammer. In addition to patrolling the groups, he serves as support for people experiencing website blocks due to malicious activity, and helps the research team identify malware false positives.Vinny... Read More →

Wednesday August 6, 2014 16:20 - 16:50 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV

16:55 PDT

The Lore shows the Way
Mistakes have been made, and mistakes will be made again. Those unfamiliar with the history of the situation may end up going through the same thought processes and making the same mistakes as the previous generations.

This presents both problems and opportunities for security; it means that project managers and developers will need to keep a close eye on the development process to avoid making these known mistakes, and it also means that penetration testers and other red-team members have (provided they research the development history of their target) a list of potential avenues for exploit.

Through being aware of the historical avenues of attack and the bugs exploited in the past,

avatar for Eric Rand

Eric Rand

Systems Mangler, Brown Hat Security
An amateur blacksmith, an amateur radio operator, and a professional know-it-all, Eric has had a deep appreciation for the lore surrounding the IT world for many years. When he's not digging through obscure fora to find out who thought XCHG EAX:EAX was a good idea for a NOP command... Read More →

Wednesday August 6, 2014 16:55 - 17:25 PDT
Tuscany Suites 255 E. Flamingo Rd. Las Vegas, NV