{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2026.1.1"}, "schedule": {"url": "https://pretalx.com/chcon-2024/schedule/", "version": "1.2", "base_url": "https://pretalx.com", "conference": {"acronym": "chcon-2024", "title": "CHCon 2024", "start": "2024-11-21", "end": "2024-11-23", "daysCount": 3, "timeslot_duration": "00:05", "time_zone_name": "Pacific/Auckland", "colors": {"primary": "#3aa57c"}, "rooms": [{"name": "Ngaio Marsh Theatre", "slug": "3513-ngaio-marsh-theatre", "guid": "55d1960b-50d8-569a-ab51-598dae88d578", "description": "Ngaio Marsh Theatre", "capacity": null}, {"name": "Room of Requirement", "slug": "3532-room-of-requirement", "guid": "7622ab21-928b-5479-8ac1-7f9515d8a813", "description": null, "capacity": 30}, {"name": "Bentleys", "slug": "3533-bentleys", "guid": "0c1d5b9a-9f05-5598-acbc-a28465730813", "description": null, "capacity": 30}, {"name": "Te Akatoki", "slug": "3531-te-akatoki", "guid": "b36da3ee-3bd7-539f-b839-d5d3d26ca44a", "description": null, "capacity": 20}], "tracks": [{"name": "Training", "slug": "4443-training", "color": "#106BF4"}, {"name": "Crew", "slug": "4444-crew", "color": "#D60CF7"}, {"name": "Registration", "slug": "4445-registration", "color": "#F5F769"}, {"name": "Main Track", "slug": "4442-main-track", "color": "#0A51F0"}], "days": [{"index": 1, "date": "2024-11-21", "day_start": "2024-11-21T04:00:00+13:00", "day_end": "2024-11-22T03:59:00+13:00", "rooms": {"Te Akatoki": [{"guid": "ef8b380c-a750-5a99-86e3-08380c629823", "code": "JN7FQY", "id": 51113, "logo": null, "date": "2024-11-21T08:00:00+13:00", "start": "08:00", "duration": "09:00", "room": "Te Akatoki", "slug": "chcon-2024-51113-ics-ot-cyber-security-crash-course", "url": "https://pretalx.com/chcon-2024/talk/JN7FQY/", "title": "ICS / OT Cyber Security Crash Course", "subtitle": "", "track": "Training", "type": "Training Day", "language": "en", "abstract": "Learn the foundational and basics of Operational Technology (OT) / Industrial Control System (ICS) Cyber Security. Understand the differences between an Infosec / Information Technology and OT / ICS, why some of the traditional security controls and countermeasures can increase organisational risk rather than decrease it. This training will also explain some alternative approaches to mitigate risks associated with critical infrastructure, if you work in an environment that has OT or ICS, or are curious to know more about securing these environments this is a great first step.", "description": "This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. \n\nAside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. \n\nFinally, at the end of the day, there will be a demonstration using SCADA and PLC software.", "recording_license": "", "do_not_record": false, "persons": [{"code": "Q8LLR7", "name": "Gavin Dilworth", "avatar": "https://pretalx.com/media/avatars/Q8LLR7_fXspk5y.webp", "biography": "Gavin has had a varied career within the Operational Technology (OT) space, spanning over 17 years, he has been an Operator, Control System Engineer, Managing Consultant, Senior Professional Service Engineer and Principal ICS / OT Cyber Security Engineer.  Has worked in many industries within critical infrastructure and obtained many of the cyber security qualifications and certifications required to protect and secure the OT and Industrial Control System (ICS) environments.", "public_name": "Gavin Dilworth", "guid": "69a6851e-3e2f-51f7-9220-557d3fc9a4f2", "url": "https://pretalx.com/chcon-2024/speaker/Q8LLR7/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/JN7FQY/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/JN7FQY/", "attachments": []}], "Room of Requirement": [{"guid": "c933426d-884a-5363-a5df-9a2e51c469d8", "code": "UZ9NMX", "id": 51158, "logo": null, "date": "2024-11-21T08:00:00+13:00", "start": "08:00", "duration": "04:00", "room": "Room of Requirement", "slug": "chcon-2024-51158-incident-response-101", "url": "https://pretalx.com/chcon-2024/talk/UZ9NMX/", "title": "Incident Response 101", "subtitle": "", "track": "Training", "type": "Training Session", "language": "en", "abstract": "With Cybersecurity incidents becoming more prevalent across the globe, it is now a matter of when not if something will occur. Our training will help you understand the phases that are normally part of an incident and what role you would likely need to play according to your organisation's response plan (you know where yours is and test it regularly right?).  Equip yourself with the knowledge you need to help reduce the impact of a cyberattack.", "description": "The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible.  This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts.  \n\nThe training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.", "recording_license": "", "do_not_record": false, "persons": [{"code": "8GFSUS", "name": "DJ", "avatar": null, "biography": "DJ (a.k.a. Moss) remains optimistic that he can make organisations great again (read: more secure), however has seen his fair share of horror stories over his career.  With risks being blindly accepted and added to ever expanding registers, it wasn't long before he was in the ambulance at the bottom of the cliff.  Let his dulcet tones soothe you as you come for a ride and learn how to be useful instead of just making nee-naw sounds when the worst occurs.", "public_name": "DJ", "guid": "222b7c0d-8398-5165-b29c-0bd6369e27d7", "url": "https://pretalx.com/chcon-2024/speaker/8GFSUS/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/UZ9NMX/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/UZ9NMX/", "attachments": []}, {"guid": "61f71416-de3d-5b91-91ae-ee56504ff167", "code": "LXRXD7", "id": 51585, "logo": null, "date": "2024-11-21T13:00:00+13:00", "start": "13:00", "duration": "04:00", "room": "Room of Requirement", "slug": "chcon-2024-51585-an-introduction-to-web-application-security-through-python", "url": "https://pretalx.com/chcon-2024/talk/LXRXD7/", "title": "An introduction to web application security through Python", "subtitle": "", "track": "Training", "type": "Training Session", "language": "en", "abstract": "As an introduction to web application security through Python, this training session aims to give attendees the tools to understand the most common security vulnerabilities faced by web applications as well as how to fix them.", "description": "This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I've found through my career.\n\nFor each vulnerability covered, it will be laid out in roughly the following format:\n- An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications.\n- Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue.\n\nTime permitting, we will also aim to complete the following steps for each issue:\n- After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications.\n- Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step.\n\nThis workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place.\n\nParticipants will require the following:\n- The ability to provide a laptop to use throughout the workshop.\n- The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day.\n- An internet connection to receive the lab files. A requirements file and source code will be provided on the day.", "recording_license": "", "do_not_record": false, "persons": [{"code": "MGRDUV", "name": "Ethan McKee-Harris", "avatar": "https://pretalx.com/media/avatars/MGRDUV_peZRwm7.webp", "biography": "Ethan McKee-Harris, aka Skelmis, is a security consultant by trade. He spends his days hacking web applications and bypassing voice authentication systems. Beyond that, Ethan is an avid open source developer with experience on both sides of the metaphorical 'security fence'.", "public_name": "Ethan McKee-Harris", "guid": "f97ed9b0-dd00-55c7-beea-f4a7a3ac3efe", "url": "https://pretalx.com/chcon-2024/speaker/MGRDUV/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/LXRXD7/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/LXRXD7/", "attachments": []}], "Bentleys": [{"guid": "d6d42945-344a-55fa-81c7-03b3429bcc51", "code": "Y9X3W8", "id": 52095, "logo": null, "date": "2024-11-21T08:00:00+13:00", "start": "08:00", "duration": "04:00", "room": "Bentleys", "slug": "chcon-2024-52095-wifi-novice-to-professional", "url": "https://pretalx.com/chcon-2024/talk/Y9X3W8/", "title": "WiFi - Novice to Professional", "subtitle": "", "track": "Training", "type": "Training Session", "language": "en", "abstract": "Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises.\n\nFrom tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.", "description": "Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn't just about theory; it's about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises.\n\nFrom tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you'll be prepared for the newest frontiers of WiFi security.", "recording_license": "", "do_not_record": false, "persons": [{"code": "HWBFS9", "name": "Toby Reynolds", "avatar": "https://pretalx.com/media/avatars/HWBFS9_IJG2JEf.webp", "biography": "Toby \"TheXero\" Reynolds is a dynamic security professional, with over a decade of experience, His career spans a diverse clientele in both commercial and non-commercial sectors. With a keen focus on enhancing cybersecurity, his expertise lies in vulnerability research, exploit development, and blackbox Penetration Testing. As a thought leader in the field, Toby not only identifies and addresses security gaps but also takes the lead as the primary trainer in courses that delve into the intricacies of attacker tools and methodologies. By combining practical experience with a passion for education, he empowers others to navigate the ever-evolving landscape of cybersecurity with confidence.", "public_name": "Toby Reynolds", "guid": "4ddcfc6f-5982-5eae-b818-b26602e6f754", "url": "https://pretalx.com/chcon-2024/speaker/HWBFS9/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/Y9X3W8/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/Y9X3W8/", "attachments": []}, {"guid": "c2eecee6-ebaa-5194-91c0-31ed197510b9", "code": "LT8GHD", "id": 52914, "logo": "https://pretalx.com/media/chcon-2024/submissions/LT8GHD/ai-boilerplate_zCE7DXs.png", "date": "2024-11-21T13:00:00+13:00", "start": "13:00", "duration": "04:00", "room": "Bentleys", "slug": "chcon-2024-52914-rev-eng-e", "url": "https://pretalx.com/chcon-2024/talk/LT8GHD/", "title": "REV.ENG.E\u2082", "subtitle": "", "track": "Training", "type": "Training Session", "language": "en", "abstract": "Reverse Engineering for Education/Entertainment provides an introduction to analysing code, bytecode, and application binaries.", "description": "This session will cover:\n* The use and abuse of common developer tools\n* Live debugging techniques\n* Fantastic tools and where to find them", "recording_license": "", "do_not_record": false, "persons": [{"code": "JSNM3U", "name": "Karl Barrett", "avatar": "https://pretalx.com/media/avatars/JSNM3U_TVe5I32.webp", "biography": "Karl is a principal consultant and co-founder of P\u0101kiki Security (Christchurch / Wellington). He has been a professional breaker of things for 10 years, with many more unlicensed years before that.", "public_name": "Karl Barrett", "guid": "54db2f35-e674-5054-85fe-1eaa3c681751", "url": "https://pretalx.com/chcon-2024/speaker/JSNM3U/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/LT8GHD/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/LT8GHD/", "attachments": []}]}}, {"index": 2, "date": "2024-11-22", "day_start": "2024-11-22T04:00:00+13:00", "day_end": "2024-11-23T03:59:00+13:00", "rooms": {"Ngaio Marsh Theatre": [{"guid": "b5fad103-f8f3-5862-bdc1-41cb4a38d607", "code": "ZRFTXG", "id": 57443, "logo": null, "date": "2024-11-22T08:45:00+13:00", "start": "08:45", "duration": "00:15", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-57443-conference-opening", "url": "https://pretalx.com/chcon-2024/talk/ZRFTXG/", "title": "Conference Opening", "subtitle": "", "track": "Crew", "type": "Talk", "language": "en", "abstract": "Welcoming to Christchurch Hacker Conference as performed by Kevin and Dan", "description": "The opening of the conference", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/ZRFTXG/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/ZRFTXG/", "attachments": []}, {"guid": "43ce0acd-6f97-52bb-831b-3dbd1262d5ed", "code": "HRWPKQ", "id": 55855, "logo": null, "date": "2024-11-22T09:00:00+13:00", "start": "09:00", "duration": "01:00", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55855-we-re-all-scared-too-10-years-of-lessons-from-cybersecurity-mentorship", "url": "https://pretalx.com/chcon-2024/talk/HRWPKQ/", "title": "We're All Scared, Too: 10 Years of lessons from Cybersecurity Mentorship", "subtitle": "", "track": "Main Track", "type": "Long time good talk", "language": "en", "abstract": "The crew will roll the DnD dice. The first number will be the talk number on the schedule, the second will be the slide. We will show the slide and you will talk about that one until we pick the next. \n\nThis is a place holder for your real talk and we would not actually do this.", "description": "We're All Scared, Too: 10 Years of lessons from Cybersecurity Mentorship", "recording_license": "", "do_not_record": false, "persons": [{"code": "YLLNHS", "name": "Lesley Carhart", "avatar": null, "biography": null, "public_name": "Lesley Carhart", "guid": "8d9d8fa7-0f61-56cb-a33a-2457abed8afb", "url": "https://pretalx.com/chcon-2024/speaker/YLLNHS/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/HRWPKQ/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/HRWPKQ/", "attachments": []}, {"guid": "3529ef0d-9a64-53e1-bcbc-87d4634d9220", "code": "XVD9XM", "id": 55340, "logo": null, "date": "2024-11-22T10:05:00+13:00", "start": "10:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55340-fellowship-of-ring-0-how-to-hack-into-a-cyber-security-career", "url": "https://pretalx.com/chcon-2024/talk/XVD9XM/", "title": "Fellowship of Ring-0: How to hack into a Cyber security career", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The goal of this talk is to give people interested in getting into cyber security, or who have just started but aren\u2019t sure where you\u2019re going to land, an idea of: where you can start, where you can go, and what you can do to get there.", "description": "In the 90s, cybersecurity was still pretty underground and mostly revolved around hackers and government suits. Now in 2024, you can get an actual university degree in it. Cybersecurity has grown into a proper full grown industry, even though the image it holds still screams 90s cyberpunk future. We know this can be pretty daunting to newbies on the outside, looking to get involved.\n\nIn this talk, three industry \u2018veterans\u2019 will talk about our path in cyber security, the jobs we\u2019ve done, what we do now, and try and de-bunk some of the gatekeeping you may have encountered.", "recording_license": "", "do_not_record": false, "persons": [{"code": "RP77CM", "name": "Jed Laundry", "avatar": null, "biography": "Jed Laundry is a Senior Manager at CyberCX, based in Christchurch. His background includes working as a software developer, IT ops lead, and security do-it-all-person, as well as all round geek who geeks call geeky. His family is very forgiving of all the over-the-top projects he has around his house.", "public_name": "Jed Laundry", "guid": "a7d7434b-a028-552a-8a05-339c6ddcfc34", "url": "https://pretalx.com/chcon-2024/speaker/RP77CM/"}, {"code": "SZVUAZ", "name": "sput", "avatar": "https://pretalx.com/media/avatars/SZVUAZ_X8pk85k.webp", "biography": "Erica Anderson, aka sput, is a security nerd through and through. While her most recently formal titles have included founder and manager, she finds the most joy in building (and helping others build) things securely. She also manifests chaos with the Kawaiicon cr\u00fce and Digital Future Aotearoa.", "public_name": "sput", "guid": "7ce3c981-94fe-54bc-83cd-eb10abb8ea46", "url": "https://pretalx.com/chcon-2024/speaker/SZVUAZ/"}, {"code": "TQJWTT", "name": "Ben Creet", "avatar": null, "biography": "Ben Creet, aka Creeture, is a reforming policy wonk turned cyber security leader. Ben is the Treasurer of the NZ Internet Task Force, an iSANZ board member, and is a member of InternetNZ. Ben works at the National Cyber Security Centre as a unit manager, leading three teams of cyber security professionals in what he describes as the NCSC\u2019s \u2018GRC shop\u2019.", "public_name": "Ben Creet", "guid": "755b5a66-a2ed-5dfc-9bbd-96f3f9be5b45", "url": "https://pretalx.com/chcon-2024/speaker/TQJWTT/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/XVD9XM/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/XVD9XM/", "attachments": []}, {"guid": "1c452d1a-fa7c-5a5d-aed4-e7f38b8e3955", "code": "B7GE3Y", "id": 53197, "logo": null, "date": "2024-11-22T11:05:00+13:00", "start": "11:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-53197-how-to-not-be-a-dick-in-the-it-industry", "url": "https://pretalx.com/chcon-2024/talk/B7GE3Y/", "title": "How to not be a dick in the IT industry", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The Cybersecurity industry is full of weird and wonderful people, however much like any other industry, there are often some colourful characters who can make a questionable comment or two which can really crush a young, hopeful Cybersecurity consultant's spirit.\n \nThis talk will go over some of the most humiliating and thought provoking experiences that we have experienced while working in the Cybersecurity industry. Including how to deal with these situations  and most importantly how not to be a dick in the industry. \n\nAllow Justina and Lou to recount their work horror stories of people being dicks, and how to not be a dick.", "description": "We are currently consultants from Bastion Security and have been working in the industry long enough to collect a number of work stories illustrating how people can just be dicks. Think gaslighting you. Think ignoring you. Think telling you that you don't know what 2FA is!\n\nThe goal of this talk is to educate our peers to better understand how their actions may impact other people, and what they can do to make sure we are encouraging and supporting new people into the industry. We also want to give you some simple advice so that you feel better equipped to handle situations where you feel like someone is being a dick. \n\t\nIn this talk we recount 3 horror stories from our own experiences - but with a positive spin and a key theme. The key themes we will be sharing as part of these stories are: \n\n- Have your listening ears on - don't think you know everything, we do have important things to say - especially when we are telling you that MFA is not working.\n\n- Be careful with your words - words are mightier than the sword, so please don't tell me I've done something wrong in front of an entire office of people.\n\n- Make sure everyone feels seen - in a meeting of 3 people, it's still easy to leave one person feeling like their perspective is not seen or heard.\n\nWe hope that by sharing with you these stories, we educate people how to not be a dick - ultimately making the industry a better place for everyone.", "recording_license": "", "do_not_record": false, "persons": [{"code": "FNFVY9", "name": "Justina", "avatar": null, "biography": "Justina is a penetration tester at Bastion Security Group. She has just over 3 years experience working in Cybersecurity and has a passion for OSINT and Social Engineering. Justina is active in the NZ Cybersecurity space, having run OSINT training at ChCon 2023.", "public_name": "Justina", "guid": "4ec93803-4b16-5bbd-8fe9-2cb8a79af646", "url": "https://pretalx.com/chcon-2024/speaker/FNFVY9/"}, {"code": "RCJMCW", "name": "Louise Kendall", "avatar": "https://pretalx.com/media/avatars/RCJMCW_DNDqA6O.webp", "biography": "I am someone who found themselves in security through a lot of good luck. \n\nAfter studying linguistics and French at university I somehow made it into an IT graduate programme and haven't looked back. \n\nI have experienced the highs and lows of both public and private sector, and now currently work at Bastion Security Group within GRC. At Bastion I am a vCISO for several organisations, and enjoy the challenge that is getting buy-in for security from across the business - luckily for me this is where my expensive piece of paper (degree) comes in handy.", "public_name": "Louise Kendall", "guid": "7d4ab1f6-78e3-59f1-b13f-dd0d0a9c1afa", "url": "https://pretalx.com/chcon-2024/speaker/RCJMCW/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/B7GE3Y/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/B7GE3Y/", "attachments": []}, {"guid": "695eea8e-ea40-5e83-8a68-d52fc1d20fb7", "code": "B9CK8B", "id": 50533, "logo": "https://pretalx.com/media/chcon-2024/submissions/B9CK8B/OODA_Loop_554V14t.png", "date": "2024-11-22T11:35:00+13:00", "start": "11:35", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-50533-better-investigations-with-ooda-loops", "url": "https://pretalx.com/chcon-2024/talk/B9CK8B/", "title": "Better Investigations with OODA Loops", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Asked an experienced staff member to explain their investigative process to a new starter and been met with a blank stare, a hand wave and a vague \"I just do what makes sense\"? Even worse, \"I re-image the machine and move on\"! As an industry, we can do better than this, and this talk will show you how you can apply a decision making model around your thinking - from level one SOC to in-depth system investigation - to enhance your investigations today.", "description": "Militaries around the world have been using OODA loops for years at both strategic and tactical levels to quickly make solid decisions that revolve around disrupting and gaining an advantage over their adversaries. In an industry first, I'm taking some military terminology and applying it to Cyber Security! \nCome with me on a practical journey through the triage of both security alerts, and findings from system investigations, and practice applying the OODA (Observe, Orient, Decide, Act) decision making model. Through this application, you'll learn how to make good investigation repeatable, trainable, and easily communicable, leading to better outcomes for you AND your customers!", "recording_license": "", "do_not_record": false, "persons": [{"code": "BYR78J", "name": "LukeP", "avatar": "https://pretalx.com/media/avatars/BYR78J_k8qINv8.webp", "biography": "Hi, I'm Luke Pearson, and I work in CyberSecurity, with a focus on digital forensics and incident response (DFIR). I've helped companies of all shapes and sizes handle incidents and tighten up their security; from those in the Fortune 100, through various military and police organisations, to healthcare and smaller businesses. \n\nI LOVE investigations and incident response, both as an investigator or as an incident lead. Analysing artifacts, pulling indicators out of evidence sets, or leveraging the expertise of others to track attackers through digital landscapes gets me out of bed in the morning. Surround me with intelligent people, put a problem in front of us, and I'm living the dream.\n\nApart from the hands-on stuff, I also enjoy teaching. I share what I know at events public events (previously in Black Hat Asia, B-Sides and AvengerCon, among others) or in private sessions. I consistently try to tailor my speaking and teaching to my audience, and the feedback I've received indicates I'm fairly successful.\n\nBut it's not just about the technical side for me. I also enjoy helping companies do well overall. I dig in to business process, going beyond the tech to help the entire business succeed. My primary goal is to support and teach my community, whether it's creating challenges for colleagues, taking part in online discussion, or giving talks at conferences. I'm always part of educational projects, committed to sharing what I know.", "public_name": "LukeP", "guid": "95980946-6bb1-53be-a43f-4bb62a596913", "url": "https://pretalx.com/chcon-2024/speaker/BYR78J/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/B9CK8B/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/B9CK8B/", "attachments": []}, {"guid": "70f408b7-01d8-53ae-9e47-12c1d68c1359", "code": "RLJDSS", "id": 48139, "logo": null, "date": "2024-11-22T12:05:00+13:00", "start": "12:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-48139-windows-data-protection-api", "url": "https://pretalx.com/chcon-2024/talk/RLJDSS/", "title": "Windows - Data Protection API", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Curious on what the Windows built-in Data Protection API (DPAPI) is? Want to understand how it can be abused from an offensive perspective? This talk will explain how the DPAPI works under the hood, various abuse scenarios, and what to consider when developing Windows applications that use the DPAPI", "description": "Come and learn how developer can use the Windows Data Protection API (DPAPI) to encrypt secrets, and how applications, including browsers, use this API. You will gain a basic understand on how the DPAPI works under the hood in Windows systems, and how it is often abuse from an offensive perspective.", "recording_license": "", "do_not_record": false, "persons": [{"code": "YFBYQH", "name": "Claudio Contin", "avatar": "https://pretalx.com/media/avatars/YFBYQH_5AoVzhV.webp", "biography": "Claudio is a Red Teamer / Penetration tester / Security enthusiast / Former Developer with more than twenty years experience with web technologies.\nClaudio presented at several international security conferences: Defcon (Demo Labs), Black Hat (Arsenal), Kiwicon, Bsides San Francisco, OWASP.\nCurrently Claudio works as principal consultant at Tier Zero Security.", "public_name": "Claudio Contin", "guid": "45ea5eac-a96c-533d-845a-d582e420a4f3", "url": "https://pretalx.com/chcon-2024/speaker/YFBYQH/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/RLJDSS/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/RLJDSS/", "attachments": []}, {"guid": "bb7230bb-a47d-5357-b333-923dbfc2d4d1", "code": "LEKAFY", "id": 51776, "logo": null, "date": "2024-11-22T13:35:00+13:00", "start": "13:35", "duration": "00:45", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-51776-ntlm-the-last-ride", "url": "https://pretalx.com/chcon-2024/talk/LEKAFY/", "title": "NTLM: The Last Ride", "subtitle": "", "track": "Main Track", "type": "45er", "language": "en", "abstract": "Microsoft is planning to kill off NTLM (New Technology Lan Manager) authentication in Windows 11 and above. Let's speedrun coercing hashes out of a few more things before it fades into obscurity over the next twenty five years or so.  \n \nThere will be a deep dive on several new bugs we disclosed to Microsoft (including bypassing a fix to an existing CVE), some interesting and useful techniques, combining techniques from multiple bug classes resulting in some unexpected discoveries and some absolutely cooked bugs. We\u2019ll also uncover some defaults that simply shouldn't exist in sensible libraries or applications as well as some glaring gaps in some of the Microsoft NTLM related security controls.", "description": "This talk is based on a series of unexpected discoveries that spiraled into a full-blown research project after a coworker innocently suggested I provide an NTLM challenge to what I thought was simple blind SSRF (Server Side Request Forgery). Several round trips to the MSRC (Microsoft Security Response Centre) and bug bounties later, we came up for air with a new appreciation on how to coerce NTLM authentication out of applications with a minimum amount of fuss.\n \nWhile capturing a Net-NTLMv2 hash on a web application penetration test can be a good finding, being able to coerce hashes on port 80 in an internal network can be absolutely devastating and result in large amounts of lateral movement and privilege escalation within a domain. \n\nThis talk will be beneficial to pentesters, security researchers, bug hunters and red teamers as we deep dive into Windows authentication and bypassing trusted zones. There will be ideas for weird and wonderful places for the red team to to try and find NTLM hashes. For the blue team, there will be details on what you need to be looking for and securing in your environment. We will also have a closer look at some of the legacy Win32 APIs to find out why Windows can't do anything without trying to authenticate.", "recording_license": "", "do_not_record": false, "persons": [{"code": "TAJRCF", "name": "Jim Rush", "avatar": "https://pretalx.com/media/avatars/TAJRCF_6LezW2C.webp", "biography": "jim:\nI'm a former software developer who has somehow ended up hacking things for a living, which is infinitely more fun as most of you know. I'm an active security researcher with several CVEs, including Blackboard, Moodle, Nuget, MS-Office and Kramer products.\n\ntomais:\nI'm an enthusiastic hacker who enjoys CTFs and have competed at an international level in the ICC CTF as well as being part of the CursedCTF 2024 winning team. I'm also an active security researcher with a bunch of CVEs and countless other bugs for a bunch of 'solved problems' in security.", "public_name": "Jim Rush", "guid": "cf93852f-1c86-53a1-9ce2-d48bd575f9ec", "url": "https://pretalx.com/chcon-2024/speaker/TAJRCF/"}, {"code": "P79VML", "name": "Tomais Williamson", "avatar": null, "biography": "Tomais is a Welly hacker that loves making computers do the wrong things. He is a part of the FrenchRoomba and Team Oceania CTF teams, and has been in the security industry since escaping university.", "public_name": "Tomais Williamson", "guid": "a976515a-187f-5b8a-8cad-a3aaf2a79def", "url": "https://pretalx.com/chcon-2024/speaker/P79VML/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/LEKAFY/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/LEKAFY/", "attachments": []}, {"guid": "78424f53-b409-555c-8dd9-63eb17a083d2", "code": "HSFAZH", "id": 53071, "logo": null, "date": "2024-11-22T14:25:00+13:00", "start": "14:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-53071-it-s-me-hi-i-m-the-problem-it-s-me-a-five-year-review-of-security-communications", "url": "https://pretalx.com/chcon-2024/talk/HSFAZH/", "title": "It\u2019s me, hi! I\u2019m the problem, it\u2019s me; a five year review of security communications", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "It\u2019s been five years, two kids, six jobs, four Taylor Swift albums, one global pandemic and eleventy billion security incidents since I last spoke at CHCon, so what\u2019s changed in the global security landscape and how we talk about security incidents and breaches?", "description": "More and more, security incidents and breaches are becoming familiar to people outside the security industry. As awareness grows, incidents and how they\u2019re responded to are no longer judged by the technical response alone; solid communications is critical to both response and recovery.\n\nThis whirlwind tour of some of the great and not-so-great responses to security incidents over the last five years will share where incident communications have improved, where things have got stuck, and where we need to go in the next five to keep making people and systems safer.", "recording_license": "", "do_not_record": false, "persons": [{"code": "PTD7DT", "name": "Izzi Lithgow", "avatar": "https://pretalx.com/media/avatars/PTD7DT_QybB8HG.webp", "biography": "Izzi Lithgow is an award winning speaker and one of Aotearoa's leading security communicators. She's worked on some of New Zealand's largest incidents, from natural disasters to cyber attacks. With almost 20 years experience in communications and PR, and seven in cyber security, she's obsessed with the life changing magic of talking about security with everyone from the CISO to the postie", "public_name": "Izzi Lithgow", "guid": "b116fa23-622b-5ef4-9744-5cc6272c297e", "url": "https://pretalx.com/chcon-2024/speaker/PTD7DT/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/HSFAZH/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/HSFAZH/", "attachments": []}, {"guid": "e7400eae-ab7f-5e98-9a49-13dfa2c064ed", "code": "LX3BUC", "id": 54063, "logo": null, "date": "2024-11-22T15:25:00+13:00", "start": "15:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-54063-the-exploitation-of-others", "url": "https://pretalx.com/chcon-2024/talk/LX3BUC/", "title": "The Exploitation of Others", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "When it comes to cybersecurity, sometimes the thing that people forget is that a solution or an account is only as secure as the individuals who are authorised to access it. By targeting the human element, an individual does not have to try break through firewalls or defense mechanisms or access accounts. All they need to play to is the person that takes the time to respond - to elicit a reaction strong enough to make that person think that what they are doing is for their benefit or required.\n\nThe best way to do that, is by targeting one's emotions. Let's talk about some of the ways this can be successful using technology, focusing on Advance-Fee Fraud, Romance Scams, and Phishing Attacks.", "description": "My talk is based on the research I did for my final post grad research paper, titled \"Hijacking Human Emotion: The Exploitation of Others Through Technological Scamming\".\n\nI feel passionate about this topic because people are so quick to blame the individual who have been scammed without even realising the effort and in-depth thought that can go behind it nowadays. Scams have been around for a long time, and they are getting increasingly sophisticated, especially around a time where we are still developing into the technological sphere and people have a false sense of security online.\n\nSome scammers are in the game for the long haul, and they will use technology, something that is deeply imbedded in today's society, to their advantage.\n\nThe purpose of my presentation is to hopefully get across that you do not need to be a technological mastermind in order to scam someone out of something. My talk covers technological characteristics and expected or conditioned human responses that are taken advantage of in conjunction with one another in order to successfully scam another individual.\n\nIt is getting more and more relevant. Consider the story at the beginning of the year where a financial assistant handed over tens of millions of dollars thinking he was doing what his boss wanted. AI was used instead to manipulate his response and encouraged him to do what he thought he was being told to do. \n\nThis is one of the few crimes, if not the only crime where the malicious person is not actively stealing anything or breaking into anything to achieve their goal. The intended target is voluntarily providing the money or account information, albeit under false pretenses. There is no active 'taking'. \n\nThat is the point I want to get across.", "recording_license": "", "do_not_record": false, "persons": [{"code": "GXHQEH", "name": "Dana Windsor", "avatar": "https://pretalx.com/media/avatars/GXHQEH_6YF1IYz.webp", "biography": "I come from a background in criminology and admittedly, cybersecurity never crossed my mind as a potential career path. It wasn't until my final year of post grad study that I delved into the world of scams and thankfully after, Helix Security took a chance on me as an Associate Security Consultant.  Here I am two years later at Bastion Security, still passionate about the world of scams, how technology can be used to manipulate and exploit others, and used for a purpose other than it was originally intended for.\nIn my spare time, I enjoy cooking, playing squash, and reading.", "public_name": "Dana Windsor", "guid": "011803d7-5e57-5a88-afd1-7fd4dffca98c", "url": "https://pretalx.com/chcon-2024/speaker/GXHQEH/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/LX3BUC/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/LX3BUC/", "attachments": []}, {"guid": "91317332-4ace-5fc8-823b-641e0b0d4e22", "code": "PDNLNS", "id": 54491, "logo": null, "date": "2024-11-22T15:55:00+13:00", "start": "15:55", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-54491-fantastic-ingress-points-and-where-to-find-them", "url": "https://pretalx.com/chcon-2024/talk/PDNLNS/", "title": "Fantastic Ingress Points and Where to Find Them", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Attack surface management is an age old challenge that organisations face. With cyber attacks being reported frequently in the media it can be easy to lose hope as a consumer, let alone a technology professional. This presentation aims to remove some of the \"magic\" behind threat emulation and simulation that internal Red Teamers and Offensive Security Specialists have picked up from studying the \"bad guys\" by looking at real world examples and going through \"what's next\" after you've been handed your Red Teaming report.", "description": "This presentation aims to examine the life cycle of offensive security testing and how it ties into continuous security improvement.\n\nMewsec is a Security Researcher and InfoSec professional from over the puddle hailing from the land of koalas. When she is not \"Hacking the Planet\",  you could probably spot her at an Aussie con.", "recording_license": "", "do_not_record": false, "persons": [{"code": "MVNVZW", "name": "MewSec", "avatar": "https://pretalx.com/media/avatars/MVNVZW_1yMKJNh.webp", "biography": "Hi I'm MewSec. I'm from Australia. I like coffee, bushwalks and synths. I am a security researcher and InfoSec professional.  All views are my own and do not reflect the views of my employer.", "public_name": "MewSec", "guid": "c98c8ca4-0d39-5a91-846d-635f83307b7e", "url": "https://pretalx.com/chcon-2024/speaker/MVNVZW/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/PDNLNS/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/PDNLNS/", "attachments": []}, {"guid": "e68d7497-67e0-5995-a7ec-92294d4229aa", "code": "N7LHKK", "id": 55217, "logo": null, "date": "2024-11-22T16:25:00+13:00", "start": "16:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55217-what-developers-get-for-free", "url": "https://pretalx.com/chcon-2024/talk/N7LHKK/", "title": "What Developers Get for Free?", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Gone are the days when developers had to craft their own session management systems and rely on CGI calling Perl scripts (hopefully!). Today, programming languages and frameworks offer a wealth of built-in security features\u2014often for free. But what exactly do these features provide, and how can we leverage them to elevate our security code reviews, penetration testing practices, and even compliance efforts?\n\nIn this talk, we'll explore the security mechanisms that modern frameworks and languages offer out of the box. We'll dive into how understanding these built-in tools can transform your approach to code review and penetration testing, allowing you to focus on the nuances and deeper issues that could compromise your application\u2019s security. Whether you're a security professional, developer, or compliance officer, this session will equip you with the knowledge to make the most of the features at your disposal and ensure your applications are as secure as possible.", "description": "Developers! Developers! Developers! Developers! Developers! Developers!\n\nIn this talk, we\u2019ll dive into the evolving landscape of built-in security features provided by modern frameworks and languages. We\u2019ll start with a look at Ruby on Rails, which pioneered many security features such as protection against SQL injection and XSS, and how these innovations set the stage for today\u2019s robust frameworks.\n\nWe\u2019ll then explore contemporary frameworks like Django and ASP.Net Core, which offer advanced security features such as automatic password hashing upgrades and extensive built-in protections. We'll demonstrate how these features can enhance your development practices and why they matter.\n\nIn addition, we\u2019ll discuss the significance of comprehensive documentation and error-proofing to prevent developers from reinventing the wheel and to streamline focus on critical areas.\n\nWe\u2019ll also cover how developers can contribute to this ecosystem, whether by implementing similar practices internally or by contributing to open-source projects to expand the availability of these built-in security features.\n\nFinally, we\u2019ll examine the impact of these built-in features on penetration testing, code reviews, and compliance. By leveraging these features, you can strategically target your efforts on custom code and integrations. Or, by focusing on these widely-used features, you have the opportunity to uncover high-impact vulnerabilities that many developers rely on\u2014making it harder to find issues, but offering significantly higher rewards when you do.", "recording_license": "", "do_not_record": false, "persons": [{"code": "CZM8Q8", "name": "Louis Nyffenegger", "avatar": "https://pretalx.com/media/avatars/CZM8Q8_0AF7SzY.webp", "biography": "Louis Nyffenegger is a seasoned security engineer and the founder of PentesterLab, a platform dedicated to teaching web penetration testing. With over a decade of experience in cybersecurity, Louis has focused on penetration testing, architecture analysis, and code reviews. He also launched a YouTube channel, AppSecSchool, further extending his passion for education in application security.", "public_name": "Louis Nyffenegger", "guid": "f1efae14-f672-56f2-bd6c-b352bd1f4baa", "url": "https://pretalx.com/chcon-2024/speaker/CZM8Q8/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/N7LHKK/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/N7LHKK/", "attachments": []}, {"guid": "05136cec-53d2-593d-99b5-47f13195d4d2", "code": "QCWLAT", "id": 53038, "logo": "https://pretalx.com/media/chcon-2024/submissions/QCWLAT/ICSisnotOT_jvWJvIP.png", "date": "2024-11-22T17:10:00+13:00", "start": "17:10", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-53038-ics-is-not-ot-redefining-operational-technology", "url": "https://pretalx.com/chcon-2024/talk/QCWLAT/", "title": "ICS is NOT OT - Redefining Operational Technology", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The most common definition of OT (Operational Technology) includes ICS (Industrial Control Systems).  This talk will present an alternative view which better aligns to current practice, both in NZ and globally.  The talk will address some of the conflict in terminology and discourse around what good OT cyber security looks like - generally from a defender perspective.  The talk will include key insights and takeaways technical and non-technical, regardless of your OT security maturity.", "description": "Industrial cyber security is a harder problem than corporate/enterprise cyber security.  The requirements are different.  Most systems and protocols are insecure-by-design.  Many systems are un-patched and/or un-patchable.  The part-art and part-science of OT cyber security is far less mature than more well-established IT or conventional cyber security.  \n\nAdd into the mix, a 'cylinder of excellence' (silo) problem.  Most technology in an organisation sits in the IT 'cylinder'.  For OT, there is always an interface with operations/engineering/generation/manufacturing because you're working on technology that can have real-world implications (a key feature of OT).\n\nIn working in the area of ICS/OT for ~20 years, the last ~10 years in ICS/OT cyber security, Peter will bring some insights in dealing with some of the hard problems in ICS/OT cyber security.  One area of development is the clarification of roles and responsibilities.  More organisations are changing their strategies in who is responsible for 'OT'... and even how we define 'OT'.\n\nHis experience is informed not only though work in the sector (NZ and internationally) but supported by several years as an intentionally-recognised award-winning OT cyber security expert and international conference presenter.  His work supporting the ICS/OT cyber security community extends to ~dozens of presentations across NZ, running the NZ ICS/OT Cyber Technical Network (established 2019), facilitating NZ ICS/OT seminars/conferences (since 2017), and supporting the 62443 series as a member of ISA-99.", "recording_license": "", "do_not_record": false, "persons": [{"code": "FLPWFP", "name": "Peter Jackson", "avatar": "https://pretalx.com/media/avatars/FLPWFP_YcMugmC.webp", "biography": "Peter is an expert ICS/OT cyber security practitioner. He leads the SGS ECL team of industrial cyber specialists (OT security engineers/consultants). His background includes control/safety systems experience, as a T\u00dcV-certified Functional Safety Engineer. When he\u2019s not leading the SGS ECL OT Cyber team, Peter is an instructor for SANS ICS515 (ICS Visibility, Detection, and Response) and runs the NZ ICS Cyber Technical Network. \n\nHis experience is informed not only though work in the sector (NZ and internationally) but supported by several years as an intentionally recognised award-winning OT cyber security expert and international conference presenter.  His work supporting the ICS/OT cyber security community extends to ~dozens of presentations across NZ, running the NZ ICS/OT Cyber Technical Network (established 2019), facilitating NZ ICS/OT seminars/conferences (since 2017), and supporting the 62443 series as a member of ISA-99.", "public_name": "Peter Jackson", "guid": "050448e0-562d-5c0e-b601-2827813b95c5", "url": "https://pretalx.com/chcon-2024/speaker/FLPWFP/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/QCWLAT/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/QCWLAT/", "attachments": []}, {"guid": "435e230d-46ca-5bf9-8b49-c8717188fe31", "code": "KATQUL", "id": 49714, "logo": null, "date": "2024-11-22T17:40:00+13:00", "start": "17:40", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-49714-intelligence-driven-defense-a-cti-story", "url": "https://pretalx.com/chcon-2024/talk/KATQUL/", "title": "Intelligence-Driven Defense \u2013 A CTI story", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "In an era where budget constraints are ever-present and the threat landscape is constantly evolving, organisation must optimize their cybersecurity spending with precision. This technical presentation delves into the integration of Cyber Threat Intelligence (CTI) within detection engineering frameworks to maximize the effectiveness of limited cybersecurity resources. The presentation will explore the strategic application of actionable intelligence to tailor defensive measures, enabling organisations to prioritize their security efforts based on tangible and relevant threat insights into adversary tactics, techniques, and procedures (TTPs). Attendees will gain a deeper understanding of how to interpret threat actor telemetry to engineer more robust targeted defenses and identify the most pertinent threats to their operations. This session offers a comprehensive guide to deploying a targeted cybersecurity strategy that not only mitigates cyber risks but also enhances the protection of critical assets within resource-constrained environments.", "description": "What will attendees learn/gain from the presentation?\n\nAn approach to understand the telemetries used by threat actors and gain insights using statically analytical techniques. \n\nA methodology to mitigate cyber threats that are likely target the organisation.", "recording_license": "", "do_not_record": false, "persons": [{"code": "ZQHHPF", "name": "Chathura Abeydeera", "avatar": "https://pretalx.com/media/avatars/ZQHHPF_5OhoFl0.webp", "biography": "Chathura is a Director at KPMG Australia, spearheading the Cyber Attack and Response services. With over 20 years in offensive cybersecurity, he is recognised as a top technical cybersecurity expert. He holds fellowships with both AISA and CREST International and is currently pursuing a doctoral degree in Space Domain Intelligence.", "public_name": "Chathura Abeydeera", "guid": "8f85909f-bc9a-5aff-82d6-3f991fb73793", "url": "https://pretalx.com/chcon-2024/speaker/ZQHHPF/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/KATQUL/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/KATQUL/", "attachments": []}, {"guid": "4b34469f-c40b-5bf5-9055-175cad876fbf", "code": "TKPQWN", "id": 54798, "logo": null, "date": "2024-11-22T18:10:00+13:00", "start": "18:10", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-54798-deepfake-p-rn-the-real-people-behind-the-image", "url": "https://pretalx.com/chcon-2024/talk/TKPQWN/", "title": "Deepfake P*rn: The Real People Behind the Image", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The advancement of A.I within the last few decades has sparked some concern in the general public such as fears of political impersonation or a robot uprising. However, there has been an ongoing and persistent threat with the use of A.I that is only just making it's way into the mainstream media. \n\nThe production of deepfake pornography has been increasing within the last ten years. This technology is used to make non-consensual adult media often targeting women including famous people and non-celebrities. This talk will unpack the history of deepfake porn, explain how the technology developed, evaluate the prevention and mitigation efforts, and discuss what services and legislation are in place in New Zealand to protect people affected by this.", "description": "Deepfakes and A.I in general have permeated into the social discourse most notably over the last few years. As with most technological development there is a darker and more illicit history behind the advancements and notoriety surrounding this technology. Whilst chat bots and A.I image generators were entering the mainstream, an established subset of deepfakes has been persisting in popularity on the Internet - that is the use of deepfake technology to produce synthetic pornography.\n\nDeepfake pornography shares a similar history with most modern technologies in that it's advancement stems from a demand for sex on the Internet. However, due to the ease of accessibility and low technical requirement to utilise it, it has become a common vector to target and exploit women on the Internet. \n\nA superficial glance at deepfake pornography in mainstream media highlights the effects on mostly Western celebrity women. This talk will also explore the people who have been exploited by this technology but haven't received the same levels of attention, consideration, and support. The primary aim of this talk is to raise awareness about the negative impacts this technology is having on women and consider how we can do better as an industry.", "recording_license": "", "do_not_record": false, "persons": [{"code": "PTKX7H", "name": "elle", "avatar": null, "biography": "Elle (not Ellie) is a security consultant based in Wellington who enjoys talking about sex and technology, and how this affects women. Outside of work she enjoys video games and is currently learning about malware analysis.", "public_name": "elle", "guid": "7e512098-884a-5e5f-967b-b1d119c6b2a5", "url": "https://pretalx.com/chcon-2024/speaker/PTKX7H/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/TKPQWN/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/TKPQWN/", "attachments": []}]}}, {"index": 3, "date": "2024-11-23", "day_start": "2024-11-23T04:00:00+13:00", "day_end": "2024-11-24T03:59:00+13:00", "rooms": {"Ngaio Marsh Theatre": [{"guid": "66facc94-1471-56e1-b7a3-1b1ebe136a82", "code": "HA77NH", "id": 52312, "logo": null, "date": "2024-11-23T09:00:00+13:00", "start": "09:00", "duration": "01:00", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-52312-hacking-the-suite-the-journey-from-hacker-to-executive", "url": "https://pretalx.com/chcon-2024/talk/HA77NH/", "title": "Hacking the Suite: The Journey from Hacker to Executive", "subtitle": "", "track": "Main Track", "type": "Long time good talk", "language": "en", "abstract": "Stop me if these phrases sound familiar: \"Management just doesn't understand the issue\", \"The executives don't care about security\", or \"If the board would just give us the budget......\". You've probably heard or even uttered many of these common phrases yourself. There seems to be this perennial divide between our technical security practitioners and engineers, and the leadership at the top levels of an organization. Have you ever considered what it would be like to be an executive, what you\u2019d do differently, or even wondered if it\u2019s possible to move from a technical security role into the C-Suite of a multi-billion dollar organization?\nIn this presentation we\u2019ll follow the journey of someone who did just that. Alyssa Miller, a childhood hacker who grew up in the hacker culture of the 80\u2019s and 90\u2019s is now the CISO of such an organization. She\u2019ll share the lessons learned as a hacker that helped her understand and influence executives at the highest levels of leadership. She\u2019ll give you tips, tricks, and even warnings about potential pitfalls to avoid if your goals include the C-Suite at some point in your future. You\u2019ll learn that you don\u2019t need to abandon your hacker roots to join the management ranks, and in fact you\u2019ll see how those tools uniquely equip you to be exceptional in such a role. Come join us for fun stories, learning from examples, and inspiration to chase those dreams in your most authentic way.", "description": "This presentation will include an origin story but will not focus on it. Instead, that origin story will be used to draw specific learning experiences to be shared with the audience. Tales of successes and failures will be shared, connections between hacker skill sets and the skills needed to be successful in the C-Suite will be drawn, and attendees will leave the session feeling prepared and inspired to take their hacker persona to the boardroom.", "recording_license": "", "do_not_record": false, "persons": [{"code": "WYM3ET", "name": "Alyssa Miller", "avatar": "https://pretalx.com/media/avatars/WYM3ET_swx7jCI.webp", "biography": "Alyssa Miller is a hacker who, in her pre-teens, bought her first computer and hacked into a paid dial-up community platform. She grew up in hacker culture, finding her hacker family in IRC channels in adolescence. While IT was not her original plan, she ended up working as a developer and later a penetration tester in the financial services industry. Moving into consulting, her focus on defending technology systems grew to the point where she was advising fortune 100 companies on building comprehensive security programs. \n\nAlyssa is now in an executive role as the CISO of Epiq Global. Still very much a hacker, she\u2019s built on that identity to grow her career. She is an internationally recognized public speaker and author of \u201cCybersecurity Career Guide\u201d. She advocates for helping others make a career out of their passion for security. She\u2019s also a proponent for the open sharing of ideas and perspectives on securing our connected world.", "public_name": "Alyssa Miller", "guid": "a4e1f258-d355-5c14-ad27-f30b82d67a8b", "url": "https://pretalx.com/chcon-2024/speaker/WYM3ET/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/HA77NH/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/HA77NH/", "attachments": []}, {"guid": "b6e380a4-03ac-5dcd-a803-06448090d375", "code": "CKPEZY", "id": 52595, "logo": null, "date": "2024-11-23T10:05:00+13:00", "start": "10:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-52595-mfa-stories-that-make-you-go-huh", "url": "https://pretalx.com/chcon-2024/talk/CKPEZY/", "title": "MFA, stories that make you go huh?", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "MFA, everyone says you should be using it. We say that too, but not all MFA is created equal, and some MFA implementations have issues. Having tested many systems over the years we have seen some \u201cinteresting\u201d implementations with weird behaviour which allows for bypassing MFA. Knowing these gotchas will help you find these issues and hopefully avoid the same mistakes.", "description": "This talk will provide background on what MFA is and why we should be using it. MFA often has pitfalls in its implementation, allowing attackers to bypass it. We will present a range of bypass techniques that we have seen through our testing over the years & how to identify them. In addition, we suggest how these issues could have been avoided. This discussion will also help the hunters with new ideas of what they can be looking for when reviewing MFA implementations or trying to bypass MFA on a red team. We finish with what you should be doing to avoid these MFA implementation issues.", "recording_license": "", "do_not_record": false, "persons": [{"code": "P9JHYH", "name": "David Robinson", "avatar": "https://pretalx.com/media/avatars/P9JHYH_T90rQc7.webp", "biography": "Dave/Karit in his time working in various parts of the IT industry has developed a skillset that encompasses various disciplines in the information security domain. Dave currently works as a Penetration Tester in Wellington and runs K\u0101k\u0101con.\n\nDave has presented at a range of conferences such as DefCon, Kiwicon, Aerospace Village @ DefCon, BSidesCBR, CHCon, Unrestcon and at numerous local meetups; along with running training at Kiwicon, Syscan, CrikeyCon, CHCon and TuskCon. He also has a keen interest in aerospace, lock-picking and all things wireless.", "public_name": "David Robinson", "guid": "ee011423-7a1d-5cee-8016-7f48f32c7741", "url": "https://pretalx.com/chcon-2024/speaker/P9JHYH/"}, {"code": "RQUTTC", "name": "Jacob Hawthorne", "avatar": null, "biography": "Jacob has a background in IT infrastructure that began with maintaining on-premise environments, eventually evolving into \u201cthe cloud\u201d... With a passion for IT security he moved into blue team roles specialising in cloud security. Jacob now works as an offensive security consultant in Wellington, specialising in devops and cloud security. \n\nWhen not wrangling security he has a keen interest for tinkering with hardware, 3D printing, self-hosting, gaming and recently navigating (for him) the uncharted waters of parenthood.", "public_name": "Jacob Hawthorne", "guid": "58174ca2-b510-5759-80d9-3c6e6a239ae2", "url": "https://pretalx.com/chcon-2024/speaker/RQUTTC/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/CKPEZY/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/CKPEZY/", "attachments": []}, {"guid": "fb2a208c-ffa4-5fd3-854f-a4c278082823", "code": "EYU7C9", "id": 55419, "logo": null, "date": "2024-11-23T11:05:00+13:00", "start": "11:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55419-don-t-touch-disk-disk-is-lava", "url": "https://pretalx.com/chcon-2024/talk/EYU7C9/", "title": "Don\u2019t Touch Disk, Disk is Lava", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Security controls such as endpoint detection and response (EDR) continue to mature,  thereby increasing the amount of effort adversaries must invest to successfully execute intrusions, remain undetected and achieve their objectives.  This presentation will cover techniques that red teams can use to perform post exploitation against web applications hosted by Microsoft\u2019s Internet Information Services (IIS) while evading modern security controls. The concerns that come with using traditional \u201ccmd.exe\u201d web shells will be discussed before demonstrating more mature web shells which make use of reflective assembly loading and deserialisation.", "description": "The presentation will cover:\n- Talk will reference real world experience conducting red team engagements\n- Why traditional web shells that are dependent on executing child processes from the IIS worker process should be avoided\n- Using reflection within ASPX to reflectively load assemblies for post exploitation\n- Exfiltration of IIS machine keys to maintain persistence and achieve code execution through deserialisation\n- Adaption of public tooling to build a \u201cfileless\u201d web shell which uses deserialisation to reflectively load assemblies", "recording_license": "", "do_not_record": false, "persons": [{"code": "7TJERB", "name": "Marc", "avatar": null, "biography": null, "public_name": "Marc", "guid": "1dc135b2-f4d5-5435-a924-e7821aa89934", "url": "https://pretalx.com/chcon-2024/speaker/7TJERB/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/EYU7C9/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/EYU7C9/", "attachments": []}, {"guid": "fa264b0b-109d-5c71-b1dd-d6b648b8bd08", "code": "WSBPZP", "id": 55240, "logo": null, "date": "2024-11-23T11:35:00+13:00", "start": "11:35", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55240-a-very-brief-history-of-safecracking", "url": "https://pretalx.com/chcon-2024/talk/WSBPZP/", "title": "A Very Brief History Of Safecracking", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "At 1851\u2019s Great Exhibition, locksmiths offered prizes to anyone who could defeat their so-called \u201cunpickable\u201d locks. This hugely successful marketing stunt heralded the modern security industry, with vendors stoking fears of Sophisticated Hackers\u2122 to create demand for expensive high-tech security solutions, while daring safe-breakers kept finding ways to thwart even the most impenetrable so-called \u201cburglar proof\u201d safe. \n\nIn this talk we\u2019ll meet some notorious characters from this now-forgotten golden age of safecracking. We\u2019ll take a look at their criminal exploits, and how safecrackers\u2019 methods and security countermeasures evolved over a century.", "description": "This talk is a whimsical yarn based on historical research I've been doing over the last few years on NZ safecrackers. It gives case studies of a few infamous NZ safecrackers, covering their origins and how they became highly technically specialised professional criminals, the exploits that made them notorious in their day, and their eventual downfall. It briefly examines the techniques used in safecracking and how they changed over time, as well as changes in safe/strongroom technology (some addressing actual emerging threats, others driven by industry FUD and planned obsolescence). This talk is not meant to be a lesson on what history can teach us about how to improve corporate cybersecurity (boring, anachronistic, big LinkedIn energy), but it will \u2728subtly\u2728 nod at some timeless wisdom and obvious parallels to modern-day hackers and security.", "recording_license": "", "do_not_record": false, "persons": [{"code": "XPRSXR", "name": "Petra Smith", "avatar": "https://pretalx.com/media/avatars/XPRSXR_zIjTWoS.webp", "biography": "Petra has a point and she's getting to it. A reformed consultant, Petra now helps small businesses to transform their information security programmes. She keeps talking about writing a book about NZ safecrackers one day but probably won't get round to it.", "public_name": "Petra Smith", "guid": "27145a9a-8c34-51a4-8c4d-2209affcc3fc", "url": "https://pretalx.com/chcon-2024/speaker/XPRSXR/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/WSBPZP/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/WSBPZP/", "attachments": []}, {"guid": "9a8bd642-4ccd-5ad0-8a97-f60567fc7ebc", "code": "ZVPA7D", "id": 54550, "logo": null, "date": "2024-11-23T12:05:00+13:00", "start": "12:05", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-54550-quantum-threats-to-crypto-should-we-be-afraid", "url": "https://pretalx.com/chcon-2024/talk/ZVPA7D/", "title": "Quantum Threats to Crypto: Should We Be Afraid?", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Quantum Threats to Crypto: Should We Be Afraid?\n\nThis talk about the security challenges presented by quantum computing, covering key Quantum Computing concepts as well as the vulnerabilities of current cryptographic algorithms. We will discuss NIST's efforts in standardizing quantum-resistant cryptography and emphasize the importance of education in preparing for a quantum-enabled future.", "description": "Our presentation explores the imminent dangers posed by quantum computing to cryptography, the specific risks, and how we can prepare for a more secure future.", "recording_license": "", "do_not_record": false, "persons": [{"code": "HBLSNT", "name": "Jagan Boda (Jay)", "avatar": "https://pretalx.com/media/avatars/HBLSNT_tY4CuAX.webp", "biography": "Jay\nSenior Pentester | Quantum Security Enthusiast\n\nI\u2019m Jay (full name Jagan Boda), a seasoned IT security professional with over 10 years of experience in penetration testing and vulnerability management. Currently working as a Senior Pentester at Spark NZ, I specialize in securing web, API, network, cloud, and IoT environments. I hold certifications in OSCP, AWS Security, and CyberArk.\n\nOutside of work, I enjoy archery and indulging in sci-fi movies and series.", "public_name": "Jagan Boda (Jay)", "guid": "f06cde30-c8c9-53fb-a771-686da5cbe98d", "url": "https://pretalx.com/chcon-2024/speaker/HBLSNT/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/ZVPA7D/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/ZVPA7D/", "attachments": []}, {"guid": "35a9481e-78f2-54da-b368-8a7035e76141", "code": "8ZETCE", "id": 50485, "logo": null, "date": "2024-11-23T13:35:00+13:00", "start": "13:35", "duration": "00:45", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-50485-your-voice-confirms-my-identity", "url": "https://pretalx.com/chcon-2024/talk/8ZETCE/", "title": "Your voice confirms my identity", "subtitle": "", "track": "Main Track", "type": "45er", "language": "en", "abstract": "With voice cloning now available to the masses, just how secure is your average voice authentication system? Come dive into the world of AI voice generation systems; learn how to clone someone's voice, as well as discussion surrounding the trends we are seeing in voice authentication systems and AI voice generation.", "description": "Ever-increasingly voice authentication is seen as the next step forward in a simplified user experience which also decreases costs for companies. Unfortunately, this same step can often be seen as a step backwards for user's security.\n\nThis presentation aims to discuss topics such as the over-reliance on a user's voice as a primary security boundary. A demonstration of tools available for cloning a user's voice (mine). Along with the current pitfalls with the use of voice authentication. Further to this, we also dive into practical voice cloning of users using their digital presence.\n\nAudience members should be able to walk into this presentation with little to no\nprerequisite knowledge and leave with the following:\n- Knowledge of current voice cloning techniques\n- Considerations around the usage of voice as a security boundary within their own applications\n- A better awareness of where we see the voice authentication and AI voice generation sectors trending towards as well as the pitfalls associated with them", "recording_license": "", "do_not_record": false, "persons": [{"code": "MGRDUV", "name": "Ethan McKee-Harris", "avatar": "https://pretalx.com/media/avatars/MGRDUV_peZRwm7.webp", "biography": "Ethan McKee-Harris, aka Skelmis, is a security consultant by trade. He spends his days hacking web applications and bypassing voice authentication systems. Beyond that, Ethan is an avid open source developer with experience on both sides of the metaphorical 'security fence'.", "public_name": "Ethan McKee-Harris", "guid": "f97ed9b0-dd00-55c7-beea-f4a7a3ac3efe", "url": "https://pretalx.com/chcon-2024/speaker/MGRDUV/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/8ZETCE/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/8ZETCE/", "attachments": []}, {"guid": "d99f8637-86ce-5297-9c2c-88aeaa28328b", "code": "QMC7NK", "id": 50426, "logo": null, "date": "2024-11-23T14:25:00+13:00", "start": "14:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-50426-moving-towards-a-carbon-zero-more-sustainable-and-digitally-insecure-world-managing-cyber-security-vulnerabilities-within-green-tech", "url": "https://pretalx.com/chcon-2024/talk/QMC7NK/", "title": "Moving towards a carbon-zero, more sustainable, and digitally insecure world: managing cyber security vulnerabilities within green-tech", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The importance of making more sustainable choices in our daily activities is now deeply embedded within our social practices and is a core part of what we teach our children. Indeed, most modern businesses have \u2018green\u2019 policies that underpin regarding how they source products and services, consume energy, and dispose of waste. A good example of this is the growth of the use of highly automated Internet-connected building management systems within the construction of environmentally friendly homes and commercial buildings.\n\nDropping down to the consumer-level, many individuals are also increasingly embracing green technologies in terms of how they live their lives. We are seeing a massively increased usage of electric and hybrid vehicles, e-bikes, IoT-enabled electrified public transport, smart bulbs, and solar-powered Internet-enabled security cameras. \n\nHowever, on closer review, many critical security vulnerability and privacy assurance mechanisms are absent within these increasingly autonomous technologies. Many green tech companies are working on cutting-edge technologies that have not yet been thoroughly tested or implemented on a large scale. \n\nThis could lead to situations where, if a malicious actor took over an intelligent thermostat or door-locking mechanism, they could create an internal climate which was excessively hot or cold, or remotely disarm a premises door locking mechanisms.  Scenarios such as this have physical safety implications for building occupants. They also have serious reputational harm implications for the business owners associated with these green buildings.", "description": "This session will cover off:\n\no\tWhat are current and emerging examples of green technology,\no\tCyber threats facing green technologies today, and what the commercial and personal impact can be,\no\tRecent examples of green technology compromises,\no\tWhat remediation options are available to address cyber security risks within green technologies,\no\tRemediation implementation: how a partnership-based approach is the best way forward, and\no\tHow cyber security professionals can work with green technology consumers and vendors to address this growing trend.", "recording_license": "", "do_not_record": false, "persons": [{"code": "LRXKR9", "name": "Nick Baty", "avatar": "https://pretalx.com/media/avatars/LRXKR9_t8VVzxM.webp", "biography": "Nick joined the Bastion Security Group in December 2021 and is based in Dunedin. \nHowever, he has over 18 years\u2019 security experience in both private and public sector organisations.\n\nNick\u2019s area of expertise are in:\n\u2022\tcyber security \u2018thought-leadership\u2019,\n\u2022\tcyber security governance,\n\u2022\tvirtual Chief Information Security Officer engagements,\n\u2022\tundertaking cyber security risk and maturity assessments,\n\u2022\tcyber strategy and policy development,\n\u2022\tcyber security work-program development,\n\u2022\tcyber security supply chain management,\n\u2022\texecutive cyber security support,\n\u2022\tcyber security user awareness training delivery,\n\u2022\tcyber security in the health sector,\n\u2022\tcyber risk management across the lifecycle of digitally-enabled medical devices, and\n\u2022\tcyber security in the financial services sector.\n\nKey cyber security leadership roles Nick held prior to joining Bastion Security were:\n\u2022\tChief Cyber Security Adviser: Ministry of Health (MoH); and\n\u2022\tTeam Leader - Outreach & Engagement: National Cyber Security Centre.\n\nFrom a health sector context, Nick\u2019s role at MoH was responsible for driving an increase in the cyber security maturity of the whole of the New Zealand health and disability sector (public and private). \n\nNick also has many other achievements he is proud of, which can be seen below:\n\u2022\tNavigator Professional Leadership Programme: Outward Bound (2016),\n\u2022\tNew Leaders Development Programme: Melbourne Business School (2018),\n\u2022\tNZITF conference speaker (2022),\n\u2022\tInstitute of Directors Company Director\u2019s Course (2023), and\n\u2022\tChristchurch Hacker\u2019s Conference speaker (2023).", "public_name": "Nick Baty", "guid": "e3ce935c-c6f6-5876-92a7-5d0e54b595e7", "url": "https://pretalx.com/chcon-2024/speaker/LRXKR9/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/QMC7NK/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/QMC7NK/", "attachments": []}, {"guid": "dbf4fa4b-483a-589e-8cec-b5d4bb3b5b5f", "code": "X8G3XD", "id": 52658, "logo": null, "date": "2024-11-23T14:50:00+13:00", "start": "14:50", "duration": "00:15", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-52658-fellowship-of-the-keys", "url": "https://pretalx.com/chcon-2024/talk/X8G3XD/", "title": "Fellowship of the Keys", "subtitle": "", "track": "Main Track", "type": "Lightning", "language": "en", "abstract": "Common Criteria is an international standard required by most government and entities to protect their mission-critical resources. It is a pre-requisite for qualified products under the European Union digital signature laws and is required by the US government under the National Information Assurance Partnership (NIAP). This presentation sheds lights on the TLS certificates requirement for this regulation and the common pitfalls to look out for.", "description": "One key to rule them all and one key to find them\nOne key to bring them all and in the network bind them\nThe Fellowship of the Keys tells the story of TLS Certificates and how it plays a major role in making network connections secure.\nIt also talks about the importance of getting your Certificate verification right in order to meet the requirements for NIAP/Common Criteria certification.", "recording_license": "", "do_not_record": false, "persons": [{"code": "JNBRYA", "name": "Marjonel Montejo", "avatar": "https://pretalx.com/media/avatars/JNBRYA_vQ9hTx9.webp", "biography": "I am a Software Engineer from Endace Technology and a member of Tech Women New Zealand. I am passionate in providing solutions from my humble abode in Hamilton and in doing so, doing my bit to make the network space a safer place. I am a music aficionado and spend my weekends on the great outdoors with my hubby.", "public_name": "Marjonel Montejo", "guid": "b0d7ebc0-b317-5b43-b404-a45226c9e699", "url": "https://pretalx.com/chcon-2024/speaker/JNBRYA/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/X8G3XD/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/X8G3XD/", "attachments": []}, {"guid": "12c081bd-c642-5a96-8f51-19131d85322c", "code": "XT93HS", "id": 48131, "logo": null, "date": "2024-11-23T15:40:00+13:00", "start": "15:40", "duration": "00:15", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-48131-putting-the-s-for-security-into-iot", "url": "https://pretalx.com/chcon-2024/talk/XT93HS/", "title": "Putting the S for Security into IoT", "subtitle": "", "track": "Main Track", "type": "Lightning", "language": "en", "abstract": "I finally work somewhere which cares about security! These are the tools we're using to improve our products.", "description": "There are any number of talks about security tools for web development but very few for IoT. In my new job we're using Github (Dependabot, Secrets Manager, CodeQL), SonarQube, Mend, Nessus and others. I will go through how we use these and how useful they are, particularly because we're using Yocto which isn't directly supported by some of these.", "recording_license": "", "do_not_record": false, "persons": [{"code": "BBK3SS", "name": "Tom Isaacson", "avatar": "https://pretalx.com/media/avatars/BBK3SS_z7znYRH.webp", "biography": "I\u2019ve been an embedded developer for 20 years. I haven\u2019t bothered learning web development because I still think the internet is a passing fad, but I\u2019ve been forced to think about security after we added networking to our products", "public_name": "Tom Isaacson", "guid": "bac11311-5250-5134-965e-f1be15758d65", "url": "https://pretalx.com/chcon-2024/speaker/BBK3SS/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/XT93HS/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/XT93HS/", "attachments": []}, {"guid": "b214fd85-a34f-51c5-bfc3-5d8973db6ea5", "code": "7ALPRL", "id": 48436, "logo": null, "date": "2024-11-23T15:55:00+13:00", "start": "15:55", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-48436-beyond-delete-my-browser-history-infosec-after-death", "url": "https://pretalx.com/chcon-2024/talk/7ALPRL/", "title": "Beyond 'delete my browser history' - infosec after death", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Human lives are finite, but the internet remembers all. What does, will, or should happen to all the accounts, passwords and other data after a person becomes dead or otherwise unavailable?", "description": "An intersection between death, information security and legal things. Relevant to absolutely everyone.", "recording_license": "", "do_not_record": false, "persons": [{"code": "NPBF7L", "name": "notnotcharlie", "avatar": "https://pretalx.com/media/avatars/NPBF7L_C1CPb9Q.webp", "biography": "charlie is a red teamer at GitLab and loves finding intersections between interesting topics. When not at work, or doing the mum thing, she's usually either making, growing or deconstructing something.", "public_name": "notnotcharlie", "guid": "3f16fea8-ef71-5902-ab4c-a83b088159bd", "url": "https://pretalx.com/chcon-2024/speaker/NPBF7L/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/7ALPRL/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/7ALPRL/", "attachments": []}, {"guid": "a72497a9-322c-5123-ba85-74652f552b79", "code": "ZMQBTS", "id": 55341, "logo": null, "date": "2024-11-23T16:25:00+13:00", "start": "16:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-55341-what-is-my-life-that-fragile", "url": "https://pretalx.com/chcon-2024/talk/ZMQBTS/", "title": "What!? Is my life that fragile?", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "The increased dependency on the digital life to participate in society means, digital life is real life. With that, the consequences of failure in confidentiality, integrity and availability of our digital self, can have dire consequences. So, I threat modelled living in 2024; and it\u2019s more fragile than I thought!\n\n\nHow digitally resilient do you think you are?\nLet\u2019s talk about that, and some things we can do about it.", "description": "As a cyber security professional, it\u2019s often our job to keep the organisation safe from cyber threats and manage its risks. We know that these are very context sensitive; especially the consequences. \nWe do these assessments with the organisations\u2019 perspective in mind. But, when was the last time you genuinely considered the risks and consequences, from your own perspective and the ones you love? While doing my own digital housekeeping, I did just that, and it felt confronting - the risk profile was very different.\n\n\nIn this talk, I\u2019ll explore that, and walk through a threat model where the perspective is of an individual human - you and me. It was quite surprising how things can go wrong. Could a single \u201cincident\u201d potentially deny your ability to continue living your life? Let\u2019s find out.\n\n\nWhat we individually can and collectively must do about it? Especially as we become dependent on our digital lives to live our meatbag ones.", "recording_license": "", "do_not_record": false, "persons": [{"code": "UWLV9M", "name": "hoodiePony", "avatar": null, "biography": "I am just a friendly local cyber security sherpa. Helping people verifiably build a safer, secure, and more resilient world by sharing knowledge, experience and exploring perspectives. This includes the privilege of presenting here at ChCon NZ previously, multiple BSides Melbourne, and DefCon Groups VR DefCon Villages, amongst many other conferences. I am grounded by the many years of experience spent security advising and assessing critical infrastructure in Australia, and governments, to small startups. That said, I\u2019m just another nerd of figuring out how things work, tinkering, and challenging assumptions; sharing a story so that we can all make better informed decisions through broader perspectives.", "public_name": "hoodiePony", "guid": "556b823e-60d2-580d-a8a7-66c62525ed69", "url": "https://pretalx.com/chcon-2024/speaker/UWLV9M/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/ZMQBTS/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/ZMQBTS/", "attachments": []}, {"guid": "80675c42-485f-5039-bfd0-6e1f68669b11", "code": "LRLZYE", "id": 50509, "logo": null, "date": "2024-11-23T17:25:00+13:00", "start": "17:25", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-50509-pdf-structure-and-places-where-you-can-hide-things", "url": "https://pretalx.com/chcon-2024/talk/LRLZYE/", "title": "PDF structure and places where you can hide things.", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "There are trillions of PDFs in the world, and their very ubiquity makes them a file type where 'bad people' might store malicious code. The ability to quickly identify malicious files is essential and tools such as Remnux, peepdf and RUPS will be discussed, along with some examples of other things that can be hidden within the PDF file format.", "description": "PDFs are ubiquitous, and a relatively simple format. However that simplicity supports multiple places where code, or other information can be stored. We will have a quick overview of the overall structure of PDFs, and see three places (if there is time) where code can potentially be stored. We will also look at some tools that can be help to identify the presence of such code.", "recording_license": "", "do_not_record": false, "persons": [{"code": "9RCK8Q", "name": "Roger Dunham", "avatar": null, "biography": "After years of dabbling in a wide range of subjects, I've been working with PDFs for the last seven years. I've written code, created bugs, and probably a few vulnerabilities. These days I'm paid to be a technical writer, and find other people's bugs, but I hide things in PDFs just for fun.\nI also play button accordion, Morris dance and often wear a pirate hat.", "public_name": "Roger Dunham", "guid": "11855e36-33cc-575e-903d-9b084478f10c", "url": "https://pretalx.com/chcon-2024/speaker/9RCK8Q/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/LRLZYE/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/LRLZYE/", "attachments": []}, {"guid": "f43766f5-598e-5d99-a7d5-b3255c9b0df5", "code": "Q9LJLG", "id": 54807, "logo": null, "date": "2024-11-23T17:50:00+13:00", "start": "17:50", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-54807-hackin-kashin", "url": "https://pretalx.com/chcon-2024/talk/Q9LJLG/", "title": "Hackin Kashin", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "ASB's Kashin has been an icon in many young peoples lives, helping them learn how to save.\nThis talk recounts the process of researching the Clever Kash device, generally discusses why IoT security matters, and common techniques used to reverse engineer hardware.", "description": "we looked at a yellow elephant under a microscope", "recording_license": "", "do_not_record": false, "persons": [{"code": "KTCFAU", "name": "Thomas Hobson", "avatar": "https://pretalx.com/media/avatars/KTCFAU_PnHLZt0.webp", "biography": "Computer engineering student, and amateur hardware hacker.", "public_name": "Thomas Hobson", "guid": "64c8b8a4-fdaf-5386-8080-b19d4b4ef340", "url": "https://pretalx.com/chcon-2024/speaker/KTCFAU/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/Q9LJLG/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/Q9LJLG/", "attachments": []}, {"guid": "0d80571c-c6ad-5212-8c29-09ae249ef281", "code": "J9PJQY", "id": 49850, "logo": "https://pretalx.com/media/chcon-2024/submissions/J9PJQY/Screenshot_2024-04-30_at_11.19.09AM_UhYuEZd.png", "date": "2024-11-23T18:15:00+13:00", "start": "18:15", "duration": "00:25", "room": "Ngaio Marsh Theatre", "slug": "chcon-2024-49850-the-independence-day-1996-hacking-scene-was-good-actually", "url": "https://pretalx.com/chcon-2024/talk/J9PJQY/", "title": "The Independence Day (1996) Hacking Scene Was Good, Actually", "subtitle": "", "track": "Main Track", "type": "Talk", "language": "en", "abstract": "Everyone knows that in 1996, David Levinson saved the world by hacking the aliens with his trusty Macintosh PowerBook. Despite the memes you may have seen, this cyberattack is actually plausible, and I can prove it. Let's break down the famous ID4 hacking scene, map it onto Lockheed-Martin's Cyber Kill Chain, and give Mr. Levinson some well-deserved credit!", "description": "\"But Ben,\" I hear you protest, \"Dean Devlin and Roland Emmerich only intended for the aliens to be defeated by a computer virus as a nod to the alien invasion in H. G. Wells's _War of the Worlds_ being defeated by organic viruses! It wasn't meant to be realistic!\"\n\nThat's where you're wrong, kiddo. Devlin enlisted Chris Weaver (Distinguished Professor of Computational Media at Wesleyan, Director of Smithsonian Spark!Lab Outreach Initiatives, and the founder of Bethesda Softworks LLC!) as the technical consultant and inspiration for the character of David Levinson. There absolutely is a sound 1990s-era cybersecurity foundation here and it goes way beyond Devlin's half-arsed AMA explanation that Levinson simply flipped zeroes and ones to invert the alien signal!\n\nWe'll cover some very important technical context featured in the novelisation (also written by Dean Devlin) and deleted scenes from the movie, and follow the cyberattack step-by-step through the Lockheed-Martin Cyber Kill Chain from Reconnaissance to Actions On Objectives. Finally, we'll talk about what the aliens did wrong, and how to remediate these vulnerabilities to ensure good cybersecurity hygiene for a successful planetary invasion.\n\n(And I promise I'll keep the \"fan wank\" to an absolute minimum.)", "recording_license": "", "do_not_record": false, "persons": [{"code": "S8HHPT", "name": "Ben Loula", "avatar": "https://pretalx.com/media/avatars/S8HHPT_OoULATX.webp", "biography": "Ben is a web application penetration tester who has been living in Aotearoa for a few years now. When he\u2019s not hacking he\u2019s probably running tabletop RPGs, getting motion sick in VR, walking his cat, or tramping through the Waitakeres.", "public_name": "Ben Loula", "guid": "3e1b0b9c-1ec1-5a85-9713-2eef55de6e62", "url": "https://pretalx.com/chcon-2024/speaker/S8HHPT/"}], "links": [], "feedback_url": "https://pretalx.com/chcon-2024/talk/J9PJQY/feedback/", "origin_url": "https://pretalx.com/chcon-2024/talk/J9PJQY/", "attachments": []}]}}]}}}