2018

S2.E1 ∙ A Kinesthetic Approach to Learning Encryption

Thu, Jun 06, 2019

Kinesthetic style, or tactile learning, means that some learn best by physically doing to fully learn and memorize a topic. Capture the flag competitions can be a way to understand security concepts with reading, understanding, applying and watching it in action. Creating a full multi-sensory learning experience to retain those concepts in memory for later.

0 /10

S2.E2 ∙ More Than Tor: Shining a Light on Different Corners of the Dark Web

Wed, Jun 19, 2019

When the terms Darknet or Dark Web are invoked, it is almost always in reference to the Tor network, but what about the other extant Darknet frameworks? In this talk Benjamin will expand the field of view to include frameworks such as Freenet, I2P, and OpenBazaar. He'll take a quick look at the origins and technical underpinnings of these Darknets as well as their actors and offerings.

0 /10

S2.E3 ∙ The Magic of Forensic Artifacts Hiding in Plain Sight

Thu, Jul 04, 2019

Digital forensics expert Cindy Murphy, M.Sc. will use this session to unpack the myths of digital forensics she uncovered since her career pivot from law enforcement to private digital forensics work. She will discuss how to navigate common myths and most importantly, how to keep moving forward in an ever-changing industry.

0 /10

S2.E4 ∙ Spitting the Hook: Examining Phishing Bait

Thu, Jul 18, 2019

In this very informative panel, Joe Cicero examines phishing bait for enterprise protection. Subjects covered are: the red flag concept, identifying phishing email basics, examining headers, examining attachments and links. Additional topics covered are: the differences between a legit email, spam, marketing and phishing.

0 /10

S2.E5 ∙ Phreaking for fun and profit

Thu, Aug 01, 2019

Brad talk's about phone phreaking back in the late 1980's, until the mid 1990's. He will cover what phreaking was, why it worked, and why it was done. Devices used, the theory behind them, and some entertaining stories about those devices are covered. He will cover the slew of 'secret' numbers that existed in the phone system and discuss the decline in phreaking with the newer versions of ESS.

0 /10

S2.E6 ∙ Shifting Security Left

Thu, Aug 15, 2019

The shift to the cloud is making it more difficult for security teams to control what happens in their organizations and secure systems. The solution is more security tools, more security people, and ever-inventive ways to reign in your environment. We'll talk about how engineering automation to create a culture of empowerment, self-reliance and trust can result in better security outcomes.

0 /10

S2.E7 ∙ Bug Bounty Law

Thu, Aug 29, 2019

Bug Bounties and Vulnerability Disclosure Program (VDP) are one of the fastest growing, most popular ways for companies to engage with the security research community and uncover unknown security vulnerabilities. This talk will explore how the law interacts with bug bounties, VDP, anti-hacking laws, bounty legalese myths, and contract standardization efforts widely adopted across the industry.

0 /10

S2.E8 ∙ Automating Hashtopolis

Thu, Sep 12, 2019

This talk will cover the basics of using the user-api to automate functions in Hashtopolis. Connecting to an HTP instance, creating hashlists, creating attacks, recovering plaintext, user creation and more will be covered.

0 /10

S2.E9 ∙ Welcome Our New A.I. Overlords

Thu, Sep 26, 2019

Amazing new A.I. based services from Amazon, Google, and Microsoft let organizations rely on automated technology to crawl through their cloud-based data to identify sensitive info, security weaknesses, and hacking attempts. In this talk, Ed will analyze security implications, ethical, business, and privacy issues they raise as cloud-based A.I. intertwines itself in our lives deeper every day.

0 /10

S2.E10 ∙ Tracking an Adversary's Learning Curve

Thu, Oct 10, 2019

There are 2 camps of attackers: low skilled opportunists (script kiddies) and APT - Advanced Persistent Threats (funded organized crime, nation states). In between lurks a skilled persistent threat, capable of doing even more damage. These adversaries require human responders to identify, track, and oppose. Understand the constraints of the persistent threat, and you can learn to counter them.

0 /10

S2.E11 ∙ Remote Wireless Pentesting

Thu, Oct 24, 2019

Wireless pentesting typically requires physical proximity to a target which requires time, limited resources, and constant traveling. Eric and Matt have pioneered an inexpensive device to covertly perform wireless pentests anywhere on earth. In this talk, they'll discuss why they built it, how it works, and why they think it will revolutionize wireless pentesting.

0 /10

S2.E12 ∙ Building a Cohesive Undergraduate Security Club

Thu, Nov 07, 2019

The university security club had its ups and downs between boring meetings and inaccessibility to newcomers. It improved with a tighter meeting format, approachable 24-7 internal CTF, and internal documentation. There was better attendance, more people staying after meetings, and freshmen successfully completing projects with upperclassman mentorship. Interested? Learn more by watching this video.

0 /10

S2.E13 ∙ Encryption, Silver Bullets & Holy Water

Thu, Nov 21, 2019

Werewolves attack? We have silver bullets. Vampires attack? We have holy water. Criminal hackers attack? We have encryption. Or at least, that's how we'd like it to play out. The villains come and the heroes beat them back. But too often, encryption is like water without the holy, bullets without the silver. The configuration is wrong, or the code is incomplete, or other simple flaws trip us up. This talk will cover how and where to architect for encryption to get real protection.

0 /10