<?xml version='1.0' encoding='utf-8' ?>
<iCalendar xmlns:pentabarf='http://pentabarf.org' xmlns:xCal='urn:ietf:params:xml:ns:xcal'>
    <vcalendar>
        <version>2.0</version>
        <prodid>-//Pentabarf//Schedule//EN</prodid>
        <x-wr-caldesc></x-wr-caldesc>
        <x-wr-calname></x-wr-calname>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JN7FQY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JN7FQY</pentabarf:event-slug>
            <pentabarf:title>ICS / OT Cyber Security Crash Course</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241121T080000</dtstart>
            <dtend>20241121T170000</dtend>
            <duration>090000</duration>
            <summary>ICS / OT Cyber Security Crash Course</summary>
            <description>This crash course covers foundational and basic information on what is ICS and OT, how to understand their functions and why they require a unique approach to security controls and countermeasures. 

Aside from the theory required, there will be some exercises on Ladder Logic, Purdue Model, and effective countermeasures. 

Finally, at the end of the day, there will be a demonstration using SCADA and PLC software.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training Day</category>
            <url>https://pretalx.com/chcon-2024/talk/JN7FQY/</url>
            <location>Te Akatoki</location>
            
            <attendee>Gavin Dilworth</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>UZ9NMX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-UZ9NMX</pentabarf:event-slug>
            <pentabarf:title>Incident Response 101</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241121T080000</dtstart>
            <dtend>20241121T120000</dtend>
            <duration>040000</duration>
            <summary>Incident Response 101</summary>
            <description>The training session covers a simulated fictitious incident where teams need to work together to resolve the incident as quickly as possible.  This provides participants the opportunity to gain first-hand experience of key concepts in an incident, with multiple repetitions through it to help to solidify core concepts.  

The training prepares teams with the foundational knowledge of how people may respond under pressure, setting the groundwork for a common language and understanding before moving to more advanced exercises (e.g. tabletop exercises, purple teaming). It also covers each phase of the NIST Incident Response Lifecycle.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training Session</category>
            <url>https://pretalx.com/chcon-2024/talk/UZ9NMX/</url>
            <location>Room of Requirement</location>
            
            <attendee>DJ</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LXRXD7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LXRXD7</pentabarf:event-slug>
            <pentabarf:title>An introduction to web application security through Python</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241121T130000</dtstart>
            <dtend>20241121T170000</dtend>
            <duration>040000</duration>
            <summary>An introduction to web application security through Python</summary>
            <description>This training aims to introduce attendees to common web application vulnerabilities through a hands on format. This workshop will use a vulnerable Flask website to demonstrate various vulnerabilities from the OWASP top 10 and other common vulnerabilities I&apos;ve found through my career.

For each vulnerability covered, it will be laid out in roughly the following format:
- An introduction to the issue at a high level. This will cover things such as what the issue is, potential impact to applications and how to test for it in your own applications.
- Hands on hacking where each attendee will attempt to exploit the issue in the vulnerable Flask application, experienced helpers will be on hand to help walk you through exploiting each issue.

Time permitting, we will also aim to complete the following steps for each issue:
- After exploiting the issue, we will discuss mitigating steps and ways to fix this in your applications.
- Attendees can then fix the issue on a local version of the vulnerable site and verify their fix, with experienced helpers on hand to assist with this step.

This workshop will also introduce attendees to various tooling for both exploiting vulnerabilities as well as Python tooling to help prevent the vulnerabilities in the first place.

Participants will require the following:
- The ability to provide a laptop to use throughout the workshop.
- The ability to run BurpSuite Community Edition. This is free and we will teach the users the required knowledge for how it will be used in the workshop on the day.
- An internet connection to receive the lab files. A requirements file and source code will be provided on the day.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training Session</category>
            <url>https://pretalx.com/chcon-2024/talk/LXRXD7/</url>
            <location>Room of Requirement</location>
            
            <attendee>Ethan McKee-Harris</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>Y9X3W8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-Y9X3W8</pentabarf:event-slug>
            <pentabarf:title>WiFi - Novice to Professional</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241121T080000</dtstart>
            <dtend>20241121T120000</dtend>
            <duration>040000</duration>
            <summary>WiFi - Novice to Professional</summary>
            <description>Embark on a journey into the heart of WiFi technology with our dynamic training program. Delve into the core principles while keeping pace with the latest advancements in the field. This immersive experience isn&apos;t just about theory; it&apos;s about hands-on learning. Navigate through virtual wireless arenas, applying newfound skills in real-world exercises.

From tackling personal networks to infiltrating enterprise setups, this training equips you to handle diverse challenges. Explore both fortified and vulnerable configurations, honing your expertise in thwarting attacks. And with a focus on the cutting-edge WPA3 standard, you&apos;ll be prepared for the newest frontiers of WiFi security.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training Session</category>
            <url>https://pretalx.com/chcon-2024/talk/Y9X3W8/</url>
            <location>Bentleys</location>
            
            <attendee>Toby Reynolds</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LT8GHD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LT8GHD</pentabarf:event-slug>
            <pentabarf:title>REV.ENG.E&#8322;</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241121T130000</dtstart>
            <dtend>20241121T170000</dtend>
            <duration>040000</duration>
            <summary>REV.ENG.E&#8322;</summary>
            <description>This session will cover:
* The use and abuse of common developer tools
* Live debugging techniques
* Fantastic tools and where to find them</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training Session</category>
            <url>https://pretalx.com/chcon-2024/talk/LT8GHD/</url>
            <location>Bentleys</location>
            
            <attendee>Karl Barrett</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZRFTXG@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZRFTXG</pentabarf:event-slug>
            <pentabarf:title>Conference Opening</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T084500</dtstart>
            <dtend>20241122T090000</dtend>
            <duration>001500</duration>
            <summary>Conference Opening</summary>
            <description>The opening of the conference</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/ZRFTXG/</url>
            <location>Ngaio Marsh Theatre</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HRWPKQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HRWPKQ</pentabarf:event-slug>
            <pentabarf:title>We&apos;re All Scared, Too: 10 Years of lessons from Cybersecurity Mentorship</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T090000</dtstart>
            <dtend>20241122T100000</dtend>
            <duration>010000</duration>
            <summary>We&apos;re All Scared, Too: 10 Years of lessons from Cybersecurity Mentorship</summary>
            <description>We&apos;re All Scared, Too: 10 Years of lessons from Cybersecurity Mentorship</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Long time good talk</category>
            <url>https://pretalx.com/chcon-2024/talk/HRWPKQ/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Lesley Carhart</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XVD9XM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XVD9XM</pentabarf:event-slug>
            <pentabarf:title>Fellowship of Ring-0: How to hack into a Cyber security career</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T100500</dtstart>
            <dtend>20241122T103000</dtend>
            <duration>002500</duration>
            <summary>Fellowship of Ring-0: How to hack into a Cyber security career</summary>
            <description>In the 90s, cybersecurity was still pretty underground and mostly revolved around hackers and government suits. Now in 2024, you can get an actual university degree in it. Cybersecurity has grown into a proper full grown industry, even though the image it holds still screams 90s cyberpunk future. We know this can be pretty daunting to newbies on the outside, looking to get involved.

In this talk, three industry &#8216;veterans&#8217; will talk about our path in cyber security, the jobs we&#8217;ve done, what we do now, and try and de-bunk some of the gatekeeping you may have encountered.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/XVD9XM/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Jed Laundry</attendee>
            
            <attendee>sput</attendee>
            
            <attendee>Ben Creet</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>B7GE3Y@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-B7GE3Y</pentabarf:event-slug>
            <pentabarf:title>How to not be a dick in the IT industry</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T110500</dtstart>
            <dtend>20241122T113000</dtend>
            <duration>002500</duration>
            <summary>How to not be a dick in the IT industry</summary>
            <description>We are currently consultants from Bastion Security and have been working in the industry long enough to collect a number of work stories illustrating how people can just be dicks. Think gaslighting you. Think ignoring you. Think telling you that you don&apos;t know what 2FA is!

The goal of this talk is to educate our peers to better understand how their actions may impact other people, and what they can do to make sure we are encouraging and supporting new people into the industry. We also want to give you some simple advice so that you feel better equipped to handle situations where you feel like someone is being a dick. 
	
In this talk we recount 3 horror stories from our own experiences - but with a positive spin and a key theme. The key themes we will be sharing as part of these stories are: 

- Have your listening ears on - don&apos;t think you know everything, we do have important things to say - especially when we are telling you that MFA is not working.

- Be careful with your words - words are mightier than the sword, so please don&apos;t tell me I&apos;ve done something wrong in front of an entire office of people.

- Make sure everyone feels seen - in a meeting of 3 people, it&apos;s still easy to leave one person feeling like their perspective is not seen or heard.

We hope that by sharing with you these stories, we educate people how to not be a dick - ultimately making the industry a better place for everyone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/B7GE3Y/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Justina</attendee>
            
            <attendee>Louise Kendall</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>B9CK8B@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-B9CK8B</pentabarf:event-slug>
            <pentabarf:title>Better Investigations with OODA Loops</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T113500</dtstart>
            <dtend>20241122T120000</dtend>
            <duration>002500</duration>
            <summary>Better Investigations with OODA Loops</summary>
            <description>Militaries around the world have been using OODA loops for years at both strategic and tactical levels to quickly make solid decisions that revolve around disrupting and gaining an advantage over their adversaries. In an industry first, I&apos;m taking some military terminology and applying it to Cyber Security! 
Come with me on a practical journey through the triage of both security alerts, and findings from system investigations, and practice applying the OODA (Observe, Orient, Decide, Act) decision making model. Through this application, you&apos;ll learn how to make good investigation repeatable, trainable, and easily communicable, leading to better outcomes for you AND your customers!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/B9CK8B/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>LukeP</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RLJDSS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RLJDSS</pentabarf:event-slug>
            <pentabarf:title>Windows - Data Protection API</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T120500</dtstart>
            <dtend>20241122T123000</dtend>
            <duration>002500</duration>
            <summary>Windows - Data Protection API</summary>
            <description>Come and learn how developers can use the Windows Data Protection API (DPAPI) to encrypt secrets, and how applications, including browsers, use this API. You will gain a basic understanding of how the DPAPI works under the hood in Windows systems, and how it is often abused from an offensive perspective.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/RLJDSS/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Claudio Contin</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LEKAFY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LEKAFY</pentabarf:event-slug>
            <pentabarf:title>NTLM: The Last Ride</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T133500</dtstart>
            <dtend>20241122T142000</dtend>
            <duration>004500</duration>
            <summary>NTLM: The Last Ride</summary>
            <description>This talk is based on a series of unexpected discoveries that spiraled into a full-blown research project after a coworker innocently suggested I provide an NTLM challenge to what I thought was simple blind SSRF (Server Side Request Forgery). Several round trips to the MSRC (Microsoft Security Response Centre) and bug bounties later, we came up for air with a new appreciation on how to coerce NTLM authentication out of applications with a minimum amount of fuss.
 
While capturing a Net-NTLMv2 hash on a web application penetration test can be a good finding, being able to coerce hashes on port 80 in an internal network can be absolutely devastating and result in large amounts of lateral movement and privilege escalation within a domain. 

This talk will be beneficial to pentesters, security researchers, bug hunters and red teamers as we deep dive into Windows authentication and bypassing trusted zones. There will be ideas for weird and wonderful places for the red team to try and find NTLM hashes. For the blue team, there will be details on what you need to be looking for and securing in your environment. We will also have a closer look at some of the legacy Win32 APIs to find out why Windows can&apos;t do anything without trying to authenticate.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>45er</category>
            <url>https://pretalx.com/chcon-2024/talk/LEKAFY/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Jim Rush</attendee>
            
            <attendee>Tomais Williamson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HSFAZH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HSFAZH</pentabarf:event-slug>
            <pentabarf:title>It&#8217;s me, hi! I&#8217;m the problem, it&#8217;s me; a five year review of security communications</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T142500</dtstart>
            <dtend>20241122T145000</dtend>
            <duration>002500</duration>
            <summary>It&#8217;s me, hi! I&#8217;m the problem, it&#8217;s me; a five year review of security communications</summary>
            <description>More and more, security incidents and breaches are becoming familiar to people outside the security industry. As awareness grows, incidents and how they&#8217;re responded to are no longer judged by the technical response alone; solid communications is critical to both response and recovery.

This whirlwind tour of some of the great and not-so-great responses to security incidents over the last five years will share where incident communications have improved, where things have got stuck, and where we need to go in the next five to keep making people and systems safer.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/HSFAZH/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Izzi Lithgow</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LX3BUC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LX3BUC</pentabarf:event-slug>
            <pentabarf:title>The Exploitation of Others</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T152500</dtstart>
            <dtend>20241122T155000</dtend>
            <duration>002500</duration>
            <summary>The Exploitation of Others</summary>
            <description>My talk is based on the research I did for my final post grad research paper, titled &quot;Hijacking Human Emotion: The Exploitation of Others Through Technological Scamming&quot;.

I feel passionate about this topic because people are so quick to blame the individual who has been scammed without even realising the effort and in-depth thought that can go behind it nowadays. Scams have been around for a long time, and they are getting increasingly sophisticated, especially around a time where we are still developing into the technological sphere and people have a false sense of security online.

Some scammers are in the game for the long haul, and they will use technology, something that is deeply imbedded in today&apos;s society, to their advantage.

The purpose of my presentation is to hopefully get across that you do not need to be a technological mastermind in order to scam someone out of something. My talk covers technological characteristics and expected or conditioned human responses that are taken advantage of in conjunction with one another in order to successfully scam another individual.

It is getting more and more relevant. Consider the story at the beginning of the year where a financial assistant handed over tens of millions of dollars thinking he was doing what his boss wanted. AI was used instead to manipulate his response and encouraged him to do what he thought he was being told to do. 

This is one of the few crimes, if not the only crime where the malicious person is not actively stealing anything or breaking into anything to achieve their goal. The intended target is voluntarily providing the money or account information, albeit under false pretenses. There is no active &apos;taking&apos;. 

That is the point I want to get across.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/LX3BUC/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Dana Windsor</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PDNLNS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PDNLNS</pentabarf:event-slug>
            <pentabarf:title>Fantastic Ingress Points and Where to Find Them</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T155500</dtstart>
            <dtend>20241122T162000</dtend>
            <duration>002500</duration>
            <summary>Fantastic Ingress Points and Where to Find Them</summary>
            <description>This presentation aims to examine the life cycle of offensive security testing and how it ties into continuous security improvement.

Mewsec is a Security Researcher and InfoSec professional from over the puddle hailing from the land of koalas. When she is not &quot;Hacking the Planet&quot;,  you could probably spot her at an Aussie con.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/PDNLNS/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>MewSec</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>N7LHKK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-N7LHKK</pentabarf:event-slug>
            <pentabarf:title>What Developers Get for Free?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T162500</dtstart>
            <dtend>20241122T165000</dtend>
            <duration>002500</duration>
            <summary>What Developers Get for Free?</summary>
            <description>Developers! Developers! Developers! Developers! Developers! Developers!

In this talk, we&#8217;ll dive into the evolving landscape of built-in security features provided by modern frameworks and languages. We&#8217;ll start with a look at Ruby on Rails, which pioneered many security features such as protection against SQL injection and XSS, and how these innovations set the stage for today&#8217;s robust frameworks.

We&#8217;ll then explore contemporary frameworks like Django and ASP.Net Core, which offer advanced security features such as automatic password hashing upgrades and extensive built-in protections. We&apos;ll demonstrate how these features can enhance your development practices and why they matter.

In addition, we&#8217;ll discuss the significance of comprehensive documentation and error-proofing to prevent developers from reinventing the wheel and to streamline focus on critical areas.

We&#8217;ll also cover how developers can contribute to this ecosystem, whether by implementing similar practices internally or by contributing to open-source projects to expand the availability of these built-in security features.

Finally, we&#8217;ll examine the impact of these built-in features on penetration testing, code reviews, and compliance. By leveraging these features, you can strategically target your efforts on custom code and integrations. Or, by focusing on these widely-used features, you have the opportunity to uncover high-impact vulnerabilities that many developers rely on&#8212;making it harder to find issues, but offering significantly higher rewards when you do.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/N7LHKK/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Louis Nyffenegger</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>QCWLAT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-QCWLAT</pentabarf:event-slug>
            <pentabarf:title>ICS is NOT OT - Redefining Operational Technology</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T171000</dtstart>
            <dtend>20241122T173500</dtend>
            <duration>002500</duration>
            <summary>ICS is NOT OT - Redefining Operational Technology</summary>
            <description>Industrial cyber security is a harder problem than corporate/enterprise cyber security.  The requirements are different.  Most systems and protocols are insecure-by-design.  Many systems are un-patched and/or un-patchable.  The part-art and part-science of OT cyber security is far less mature than more well-established IT or conventional cyber security.  

Add into the mix, a &apos;cylinder of excellence&apos; (silo) problem.  Most technology in an organisation sits in the IT &apos;cylinder&apos;.  For OT, there is always an interface with operations/engineering/generation/manufacturing because you&apos;re working on technology that can have real-world implications (a key feature of OT).

In working in the area of ICS/OT for ~20 years, the last ~10 years in ICS/OT cyber security, Peter will bring some insights in dealing with some of the hard problems in ICS/OT cyber security.  One area of development is the clarification of roles and responsibilities.  More organisations are changing their strategies in who is responsible for &apos;OT&apos;... and even how we define &apos;OT&apos;.

His experience is informed not only through work in the sector (NZ and internationally) but supported by several years as an internationally-recognised award-winning OT cyber security expert and international conference presenter.  His work supporting the ICS/OT cyber security community extends to ~dozens of presentations across NZ, running the NZ ICS/OT Cyber Technical Network (established 2019), facilitating NZ ICS/OT seminars/conferences (since 2017), and supporting the 62443 series as a member of ISA-99.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/QCWLAT/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Peter Jackson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KATQUL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KATQUL</pentabarf:event-slug>
            <pentabarf:title>Intelligence-Driven Defense &#8211; A CTI story</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T174000</dtstart>
            <dtend>20241122T180500</dtend>
            <duration>002500</duration>
            <summary>Intelligence-Driven Defense &#8211; A CTI story</summary>
            <description>What will attendees learn/gain from the presentation?

An approach to understand the telemetries used by threat actors and gain insights using statically analytical techniques. 

A methodology to mitigate cyber threats that are likely to target the organisation.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/KATQUL/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Chathura Abeydeera</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TKPQWN@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TKPQWN</pentabarf:event-slug>
            <pentabarf:title>Deepfake P*rn: The Real People Behind the Image</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241122T181000</dtstart>
            <dtend>20241122T183500</dtend>
            <duration>002500</duration>
            <summary>Deepfake P*rn: The Real People Behind the Image</summary>
            <description>Deepfakes and A.I in general have permeated into the social discourse most notably over the last few years. As with most technological development there is a darker and more illicit history behind the advancements and notoriety surrounding this technology. Whilst chat bots and A.I image generators were entering the mainstream, an established subset of deepfakes has been persisting in popularity on the Internet - that is the use of deepfake technology to produce synthetic pornography.

Deepfake pornography shares a similar history with most modern technologies in that its advancement stems from a demand for sex on the Internet. However, due to the ease of accessibility and low technical requirement to utilise it, it has become a common vector to target and exploit women on the Internet. 

A superficial glance at deepfake pornography in mainstream media highlights the effects on mostly Western celebrity women. This talk will also explore the people who have been exploited by this technology but haven&apos;t received the same levels of attention, consideration, and support. The primary aim of this talk is to raise awareness about the negative impacts this technology is having on women and consider how we can do better as an industry.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/TKPQWN/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>elle</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HA77NH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HA77NH</pentabarf:event-slug>
            <pentabarf:title>Hacking the Suite: The Journey from Hacker to Executive</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T090000</dtstart>
            <dtend>20241123T100000</dtend>
            <duration>010000</duration>
            <summary>Hacking the Suite: The Journey from Hacker to Executive</summary>
            <description>This presentation will include an origin story but will not focus on it. Instead, that origin story will be used to draw specific learning experiences to be shared with the audience. Tales of successes and failures will be shared, connections between hacker skill sets and the skills needed to be successful in the C-Suite will be drawn, and attendees will leave the session feeling prepared and inspired to take their hacker persona to the boardroom.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Long time good talk</category>
            <url>https://pretalx.com/chcon-2024/talk/HA77NH/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Alyssa Miller</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>CKPEZY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-CKPEZY</pentabarf:event-slug>
            <pentabarf:title>MFA, stories that make you go huh?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T100500</dtstart>
            <dtend>20241123T103000</dtend>
            <duration>002500</duration>
            <summary>MFA, stories that make you go huh?</summary>
            <description>This talk will provide background on what MFA is and why we should be using it. MFA often has pitfalls in its implementation, allowing attackers to bypass it. We will present a range of bypass techniques that we have seen through our testing over the years &amp; how to identify them. In addition, we suggest how these issues could have been avoided. This discussion will also help the hunters with new ideas of what they can be looking for when reviewing MFA implementations or trying to bypass MFA on a red team. We finish with what you should be doing to avoid these MFA implementation issues.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/CKPEZY/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>David Robinson</attendee>
            
            <attendee>Jacob Hawthorne</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EYU7C9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EYU7C9</pentabarf:event-slug>
            <pentabarf:title>Don&#8217;t Touch Disk, Disk is Lava</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T110500</dtstart>
            <dtend>20241123T113000</dtend>
            <duration>002500</duration>
            <summary>Don&#8217;t Touch Disk, Disk is Lava</summary>
            <description>The presentation will cover:
- Talk will reference real world experience conducting red team engagements
- Why traditional web shells that are dependent on executing child processes from the IIS worker process should be avoided
- Using reflection within ASPX to reflectively load assemblies for post exploitation
- Exfiltration of IIS machine keys to maintain persistence and achieve code execution through deserialisation
- Adaption of public tooling to build a &#8220;fileless&#8221; web shell which uses deserialisation to reflectively load assemblies</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/EYU7C9/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Marc</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WSBPZP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WSBPZP</pentabarf:event-slug>
            <pentabarf:title>A Very Brief History Of Safecracking</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T113500</dtstart>
            <dtend>20241123T120000</dtend>
            <duration>002500</duration>
            <summary>A Very Brief History Of Safecracking</summary>
            <description>This talk is a whimsical yarn based on historical research I&apos;ve been doing over the last few years on NZ safecrackers. It gives case studies of a few infamous NZ safecrackers, covering their origins and how they became highly technically specialised professional criminals, the exploits that made them notorious in their day, and their eventual downfall. It briefly examines the techniques used in safecracking and how they changed over time, as well as changes in safe/strongroom technology (some addressing actual emerging threats, others driven by industry FUD and planned obsolescence). This talk is not meant to be a lesson on what history can teach us about how to improve corporate cybersecurity (boring, anachronistic, big LinkedIn energy), but it will &#10024;subtly&#10024; nod at some timeless wisdom and obvious parallels to modern-day hackers and security.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/WSBPZP/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Petra Smith</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZVPA7D@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZVPA7D</pentabarf:event-slug>
            <pentabarf:title>Quantum Threats to Crypto: Should We Be Afraid?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T120500</dtstart>
            <dtend>20241123T123000</dtend>
            <duration>002500</duration>
            <summary>Quantum Threats to Crypto: Should We Be Afraid?</summary>
            <description>Our presentation explores the imminent dangers posed by quantum computing to cryptography, the specific risks, and how we can prepare for a more secure future.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/ZVPA7D/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Jagan Boda (Jay)</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8ZETCE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8ZETCE</pentabarf:event-slug>
            <pentabarf:title>Your voice confirms my identity</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T133500</dtstart>
            <dtend>20241123T142000</dtend>
            <duration>004500</duration>
            <summary>Your voice confirms my identity</summary>
            <description>Ever-increasingly voice authentication is seen as the next step forward in a simplified user experience which also decreases costs for companies. Unfortunately, this same step can often be seen as a step backwards for user&apos;s security.

This presentation aims to discuss topics such as the over-reliance on a user&apos;s voice as a primary security boundary. A demonstration of tools available for cloning a user&apos;s voice (mine). Along with the current pitfalls with the use of voice authentication. Further to this, we also dive into practical voice cloning of users using their digital presence.

Audience members should be able to walk into this presentation with little to no prerequisite knowledge and leave with the following:
- Knowledge of current voice cloning techniques
- Considerations around the usage of voice as a security boundary within their own applications
- A better awareness of where we see the voice authentication and AI voice generation sectors trending towards as well as the pitfalls associated with them</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>45er</category>
            <url>https://pretalx.com/chcon-2024/talk/8ZETCE/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Ethan McKee-Harris</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>QMC7NK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-QMC7NK</pentabarf:event-slug>
            <pentabarf:title>Moving towards a carbon-zero, more sustainable, and digitally insecure world: managing cyber security vulnerabilities within green-tech</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T142500</dtstart>
            <dtend>20241123T145000</dtend>
            <duration>002500</duration>
            <summary>Moving towards a carbon-zero, more sustainable, and digitally insecure world: managing cyber security vulnerabilities within green-tech</summary>
            <description>This session will cover off:

- What are current and emerging examples of green technology,
- Cyber threats facing green technologies today, and what the commercial and personal impact can be,
- Recent examples of green technology compromises,
- What remediation options are available to address cyber security risks within green technologies,
- Remediation implementation: how a partnership-based approach is the best way forward, and
- How cyber security professionals can work with green technology consumers and vendors to address this growing trend.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/QMC7NK/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Nick Baty</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>X8G3XD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-X8G3XD</pentabarf:event-slug>
            <pentabarf:title>Fellowship of the Keys</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T145000</dtstart>
            <dtend>20241123T150500</dtend>
            <duration>001500</duration>
            <summary>Fellowship of the Keys</summary>
            <description>One key to rule them all and one key to find them
One key to bring them all and in the network bind them
The Fellowship of the Keys tells the story of TLS Certificates and how they play a major role in making network connections secure.
It also talks about the importance of getting your Certificate verification right in order to meet the requirements for NIAP/Common Criteria certification.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Lightning</category>
            <url>https://pretalx.com/chcon-2024/talk/X8G3XD/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Marjonel Montejo</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XT93HS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XT93HS</pentabarf:event-slug>
            <pentabarf:title>Putting the S for Security into IoT</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T154000</dtstart>
            <dtend>20241123T155500</dtend>
            <duration>001500</duration>
            <summary>Putting the S for Security into IoT</summary>
            <description>There are any number of talks about security tools for web development but very few for IoT. In my new job we&apos;re using Github (Dependabot, Secrets Manager, CodeQL), SonarQube, Mend, Nessus and others. I will go through how we use these and how useful they are, particularly because we&apos;re using Yocto which isn&apos;t directly supported by some of these.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Lightning</category>
            <url>https://pretalx.com/chcon-2024/talk/XT93HS/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Tom Isaacson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7ALPRL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7ALPRL</pentabarf:event-slug>
            <pentabarf:title>Beyond &apos;delete my browser history&apos; - infosec after death</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T155500</dtstart>
            <dtend>20241123T162000</dtend>
            <duration>002500</duration>
            <summary>Beyond &apos;delete my browser history&apos; - infosec after death</summary>
            <description>An intersection between death, information security and legal things. Relevant to absolutely everyone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/7ALPRL/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>notnotcharlie</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZMQBTS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZMQBTS</pentabarf:event-slug>
            <pentabarf:title>What!? Is my life that fragile?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T162500</dtstart>
            <dtend>20241123T165000</dtend>
            <duration>002500</duration>
            <summary>What!? Is my life that fragile?</summary>
            <description>As a cyber security professional, it&#8217;s often our job to keep the organisation safe from cyber threats and manage its risks. We know that these are very context sensitive; especially the consequences. 
We do these assessments with the organisations&#8217; perspective in mind. But, when was the last time you genuinely considered the risks and consequences, from your own perspective and the ones you love? While doing my own digital housekeeping, I did just that, and it felt confronting - the risk profile was very different.


In this talk, I&#8217;ll explore that, and walk through a threat model where the perspective is of an individual human - you and me. It was quite surprising how things can go wrong. Could a single &#8220;incident&#8221; potentially deny your ability to continue living your life? Let&#8217;s find out.


What we individually can and collectively must do about it? Especially as we become dependent on our digital lives to live our meatbag ones.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/ZMQBTS/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>hoodiePony</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LRLZYE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LRLZYE</pentabarf:event-slug>
            <pentabarf:title>PDF structure and places where you can hide things.</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T172500</dtstart>
            <dtend>20241123T175000</dtend>
            <duration>002500</duration>
            <summary>PDF structure and places where you can hide things.</summary>
            <description>PDFs are ubiquitous, and a relatively simple format. However, that simplicity supports multiple places where code, or other information, can be stored. We will have a quick overview of the overall structure of PDFs, and see three places (if there is time) where code can potentially be stored. We will also look at some tools that can help to identify the presence of such code.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/LRLZYE/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Roger Dunham</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>Q9LJLG@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-Q9LJLG</pentabarf:event-slug>
            <pentabarf:title>Hackin Kashin</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T175000</dtstart>
            <dtend>20241123T181500</dtend>
            <duration>002500</duration>
            <summary>Hackin Kashin</summary>
            <description>we looked at a yellow elephant under a microscope</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/Q9LJLG/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Thomas Hobson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>J9PJQY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-J9PJQY</pentabarf:event-slug>
            <pentabarf:title>The Independence Day (1996) Hacking Scene Was Good, Actually</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20241123T181500</dtstart>
            <dtend>20241123T184000</dtend>
            <duration>002500</duration>
            <summary>The Independence Day (1996) Hacking Scene Was Good, Actually</summary>
            <description>&quot;But Ben,&quot; I hear you protest, &quot;Dean Devlin and Roland Emmerich only intended for the aliens to be defeated by a computer virus as a nod to the alien invasion in H. G. Wells&apos;s _War of the Worlds_ being defeated by organic viruses! It wasn&apos;t meant to be realistic!&quot;

That&apos;s where you&apos;re wrong, kiddo. Devlin enlisted Chris Weaver (Distinguished Professor of Computational Media at Wesleyan, Director of Smithsonian Spark!Lab Outreach Initiatives, and the founder of Bethesda Softworks LLC!) as the technical consultant and inspiration for the character of David Levinson. There absolutely is a sound 1990s-era cybersecurity foundation here and it goes way beyond Devlin&apos;s half-arsed AMA explanation that Levinson simply flipped zeroes and ones to invert the alien signal!

We&apos;ll cover some very important technical context featured in the novelisation (also written by Dean Devlin) and deleted scenes from the movie, and follow the cyberattack step-by-step through the Lockheed-Martin Cyber Kill Chain from Reconnaissance to Actions On Objectives. Finally, we&apos;ll talk about what the aliens did wrong, and how to remediate these vulnerabilities to ensure good cybersecurity hygiene for a successful planetary invasion.

(And I promise I&apos;ll keep the &quot;fan wank&quot; to an absolute minimum.)</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk</category>
            <url>https://pretalx.com/chcon-2024/talk/J9PJQY/</url>
            <location>Ngaio Marsh Theatre</location>
            
            <attendee>Ben Loula</attendee>
            
        </vevent>
        
    </vcalendar>
</iCalendar>
