First Florida visit

It was my first visit to Florida, so I wasn’t sure what to expect. And I definitely was surprised by the size of the local cockroaches. Those guys are huge! However, in general I came to Florida at one of the best times of the year. It wasn’t too hot and the humidity level was acceptable. The venue, located at the main campus of UCF, was great as well. This was the fourth year of BSides Orlando and it had a great turnout, approximately 500 attendees. BSides is driven by the passion to connect security professionals, whether it’s to build relationships for a project, or to get to know others in the industry. Organizers give new and aspiring speakers the chance to present for the first time, so I was quite eager to attend and to present my talk about Angler Exploit for the first time. My primary purpose was to give people an understanding of this particular campaign, explain ways we identify threats here at OpenDNS Labs, and ways to mitigate risks for our customers.

Noteworthy talks

I can’t overstate the quality of the material that I saw at BSides Orlando. There were a lot of sharp individuals giving talks, but there are some I would like to single out.

Beau Bullock | Fade from Whitehat… to Black

I was most impressed by this keynote speech on offensive security, which showed how skilled and dedicated these guys are when it comes to infosec. I have a background in pentesting, but never had a chance to penetrate a real enterprise network, so it was very exciting to get inside details from Black Hills colleagues.

One of the most important takeaways for me was the analysis of Bitcoin VPS, because analysis of the money flow in criminal business is a topic that interests me greatly.

So if your network has been attacked and you were not able to track it back to the hacker, he most likely used a setup similar to the one mentioned above. And as the speaker mentioned, 99 percent of the pentests they conducted were successful, which again reminds us how insecure most enterprises are.

Another important aspect of this talk is that it focused on the attacker’s point of view, and this is something that really makes me think about how important it is to have a red team in the security department.

Sanders Diaz | Introduction to Custom Protocol Fuzzing

This talk covered protocol fuzzing and reversing for finding vulnerabilities, but a lot of the methods can also be used to research custom protocols that malware authors create specifically for their malware.

Reverse engineering of custom protocols is getting more and more important when it comes to new ransom, Trojan, and worm threats. Their authors continuously change code, encryption protocols, and obfuscation. We can still identify and stop a lot of them because they use well-known protocols for delivery and communication, but it would become more challenging if they changed this behavior.

The organizers of BSides Orlando did a remarkable job and deserve a big round of applause for their efforts and for having everything run smoothly. I can’t wait for the CFP to open for next year’s event so I can hopefully return again.
