Dec 15, 2010

BruCON sponsor of SecurityBSides Berlin

BSides is a community-driven initiative very similar to BruCON. BSides is coming to Berlin for the first time, and BruCON has decided to support the event.
Each BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next big thing are happening.
They are still looking for sponsors, and the Call for Presentations is still open but will close soon! Participate and become a sponsor or a speaker. For more information: http://berlinsides.org/

BruCON donates back to the community

BruCON has had a successful second year, which was a lot of fun and educational for the volunteers, the speakers and the visitors.
As a not-for-profit event, the core organization has decided to donate this year's profits back to (local) projects and initiatives that are in line with its mission.

If you want to submit a project or event, contact us. We will publish more information about our donations as we go along.

BruCON is always looking for good members for its organizational team as well as volunteers during the event. So join the volunteer mailing list if you are interested in helping. Our event wouldn't be possible without your help.

Nov 30, 2010

Brucon 2010 videos released

Thanks to the hard work of our video team (kudos to Wouter, Illias and Job), we had excellent live streaming during the event. We needed some rest after the event, but here are the video files for those who missed the stream. They don't capture the hallway track, workshops or other fun. For that you have to attend the 2011 edition!!!

Source files can be found through http://2010.brucon.org/index.php/Video

Please help us with mirrors, torrents and such to distribute the content!!! Thanks to @xme, @seccubus and @fish_ for providing initial hosting!!!

CU in September 2011!!

Oct 18, 2010

Save the date: 23 & 24 Sept 2011

For those who like to plan ahead, keep Friday and Saturday 23 & 24 September 2011 free. Spread the word.

Sep 28, 2010

BruCON 2010 slides, podcasts and other coverage

The first wave of BruCON 2010 presentation slides is now online.

You can find them on our wiki:
http://2010.brucon.org/index.php/Presentations

We will publish the remaining slides as soon as we can. Of course, it's much more interesting to see the videos. We will publish them as soon as they are processed and edited. Stay tuned.

For now, you can also enjoy the podcasts and blog posts covering the conference. Feel free to add articles, photos or links to articles yourself if you see any:

http://2010.brucon.org/index.php?title=Main_Page#Media

Sep 26, 2010

Don't forget to provide us feedback!!!

BruCON 2010 was a huge success. We want to thank the sponsors, speakers, volunteers and visitors for being part of this awesome event and hope to see you back in 2011.

To help us make the event even better, please send general feedback and ideas on how to improve to our mailbox (feedback @ brucon.org), and give the speakers feedback on their talks at http://schedule.brucon.org. Just click on a presentation; it should be very simple.

Have a good idea for 2011? Just let us know....

Feel free to help us by linking to interesting articles, blog posts and pictures on our wiki: http://2010.brucon.org

See you all in 2011.

Free Malicious PDF Analysis e-book from the #BruCON workshop by Didier Stevens

Didier Stevens was kind enough to publish the e-book for his workshop at BruCON. Details on his blog:

http://blog.didierstevens.com/2010/09/26/free-malicious-pdf-analysis-e-book/

Sep 24, 2010

Samurai WTF 0.9 BruCON pre-release

Justin Searle was kind enough to release the latest version of the Samurai Web Testing Framework, made for the BruCON workshops. This is the latest version with the latest tools and is being published during BruCON!!!

http://www.seccubus.com/misc/samurai-0.9.iso
http://www.seccubus.com/misc/samurai-0.9.iso.sha1
http://www.randomdata.nl/media/samurai-0.9.iso
http://2010.brucon.org/material/samurai-0.9.iso
http://2010.brucon.org/material/samurai-0.9.iso.sha1

Be aware that this version has some bugs. Use at your own risk. They are working on another update to be released soon!!! Check the downloaded ISO against the .sha1 file before booting it; a checksum served from the same host as the image only catches a corrupt download, not a tampered one.
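The check in practice, as an added example that is not part of the original post or of the Samurai project: parse the sha1sum-style `.sha1` file published next to the ISO, hash the image in chunks, and compare in constant time. The file layout (`<40 hex digits>  <filename>`) is the standard sha1sum output format; the code assumes the published .sha1 files follow it.

```python
import hashlib
import hmac
from pathlib import Path


def parse_checksum_file(text: str) -> dict:
    """Parse sha1sum output ('<40 hex>  <name>' or '<40 hex> *<name>') into {name: hex}."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(maxsplit=1)
        if len(parts) != 2:
            continue  # blank or comment line
        digest, name = parts
        if len(digest) != 40 or any(c not in "0123456789abcdefABCDEF" for c in digest):
            raise ValueError(f"malformed SHA-1 line: {line!r}")
        table[name.lstrip("*")] = digest.lower()
    return table


def sha1_hex(stream, chunk_size: int = 1 << 20) -> str:
    """SHA-1 of a binary file object, read in chunks so a large ISO is never loaded whole."""
    h = hashlib.sha1()
    for block in iter(lambda: stream.read(chunk_size), b""):
        h.update(block)
    return h.hexdigest()


def sha1_hex_bytes(data: bytes) -> str:
    """Same digest for in-memory data (convenience for small inputs and self-checks)."""
    return hashlib.sha1(data).hexdigest()


def digests_match(expected_hex: str, actual_hex: str) -> bool:
    """Constant-time comparison, so timing does not leak how many leading characters matched."""
    return hmac.compare_digest(expected_hex.lower(), actual_hex.lower())


def verify_iso(iso_path: str, sha1_path: str) -> bool:
    """True if iso_path hashes to the value listed for its basename in sha1_path."""
    table = parse_checksum_file(Path(sha1_path).read_text())
    expected = table.get(Path(iso_path).name)
    if expected is None:
        raise KeyError(f"{Path(iso_path).name} not listed in {sha1_path}")
    with open(iso_path, "rb") as f:
        return digests_match(expected, sha1_hex(f))


if __name__ == "__main__":
    import sys
    # Usage: python verify_iso.py samurai-0.9.iso samurai-0.9.iso.sha1
    ok = verify_iso(sys.argv[1], sys.argv[2])
    print("OK" if ok else "MISMATCH: do not boot this image")
    sys.exit(0 if ok else 1)
```

A matching digest proves the bytes you got are the bytes the publisher hashed; it says nothing about whether that publisher's copy was itself clean, and SHA-1 from the same mirror as the image gives no protection against a mirror that serves both a modified ISO and a matching .sha1 file.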

Follow BruCON LIVE !!!

It took us a while to get the kinks out of the system, but we are streaming the rest of the conference LIVE!!!

Go to http://81.241.241.248/ and enjoy some of the talks.

Of course, you'll still miss the workshops, Hex Factor, parties, hallway track and other fun stuff at BruCON.... so mark your calendar for next year!!!

All recordings will be posted online afterwards, just like we did last year.

Kudos to our video team for all the hard work!!!!

Sep 22, 2010

Workshops changes and latest schedule updates

Some last-minute changes.... Unfortunately, the Office Cryptanalysis workshop has been cancelled. But we did our utmost to find you a replacement and actually got you two!!!
Thank you Justin Searle, David Durvaux and Christian Van Heurck for helping us out!!! Don't forget to register for their workshops!!

The LSEC workshop also moved from Friday to Saturday.

So check our online schedule for the latest version and information!!! http://2010.brucon.org/index.php/Schedule

Friday night = open Fracknight @ BruCON

After the presentation track on Friday, there will still be activities such as hardhack.org in the hardware hacking area. BruCON has decided to open its doors on Friday from 20:00 until midnight so people can still participate, with or without a ticket. BUT we cannot exceed the venue capacity for safety reasons, so we cannot allow more than 400 people inside. Ticket holders have priority, of course, but feel free to drop by and see if we can let more people in.

In the worst case, you can join the beer workshop, which will be given outside (limited capacity), or join people soon after at one of the after-parties planned for that evening.

Come to the Surfhouse and have a beer with us.

Sep 21, 2010

InternetRadio SIGNAL live at BruCON

Signal will be recording and broadcasting at BruCON!!
Signal is hackerspace radio bringing news, gossip, interviews and other audio related to hackerspaces, the hacker scene, technology, science and what have you. It broadcasts live every Thursday from 10 pm - 12 am CEST | 08 pm - 10 pm UTC | 04 pm - 06 pm EDT | 01 pm - 03 pm PDT (aka International Hacker Time). Signal will be broadcasting live from Brussels on Thursday evening with a preview of BruCON, as well as on Friday evening, streaming the podcasters' debate live.
The BruCON video crew will also be live streaming all the talks. Details will follow soon. Stay tuned!

Sep 20, 2010

Avoid the queue and pick up your #BruCON badge on Thursday

To help avoid long queues on Friday morning, you can pick up your conference badge on Thursday evening between 18:30 and 20:00.

The volunteers will be at the venue for the build-up, so the registration desk will be open. Feel free to drop by.

Directions to the venue can be found here.

Sep 17, 2010

Last day of online registrations

Online registration ends at midnight tonight. There are only about 15 seats left, so we advise you to book in advance. Prices at the door will be slightly higher, and if we are sold out we cannot guarantee entrance.

More details at
http://2010.brucon.org/index.php/Tickets

We have 2 days packed full of great stuff so come and join us!!!
http://2010.brucon.org/index.php/Schedule

Thanks to all the sponsors, partners, volunteers and visitors for making this event happen! See you all next week!!!

Sep 14, 2010

The Hex Factor Prizes

The Hex Factor contest, designed by the awesome THF Team, is not only fun and educational; thanks to some of our sponsors, you can also earn some rewards.

The list below is subject to change and is only to give you an idea.

1st Prize
- 5 x 50 EUR Amazon gift vouchers
- 3 x The Hex Factor 2010 T-shirts
2nd Prize
- 3 x 50 EUR Amazon gift vouchers
- 3 x The Hex Factor 2010 T-shirts
- 1 x Fonera 2.0n (an awesome, versatile and hackable router!)
3rd Prize
- 3 x 50 EUR Amazon gift vouchers
- 3 x The Hex Factor 2010 T-shirts
4th Prize
- 2 x 50 EUR Amazon gift vouchers
- 1 x The Hex Factor 2010 T-shirt
5th Prize
- 1 x 50 EUR Amazon gift voucher
- 1 x Fonera 2.0n (an awesome, versatile and hackable router!)
- 1 x The Hex Factor 2010 T-shirt
6th - 10th Prize
- 1 x The Hex Factor 2010 T-shirt

The Hex Factor Team will be located in the Lounge area. Be sure to buy them some drinks for their hard work making this challenge!

We want to thank the following partners:

Getronics, a leading ICT service provider in Belgium, has joined BruCON as a gold sponsor and will be sponsoring some of the prizes for the Hex Factor together with FON!



Sep 13, 2010

BruCON Workshop Registrations starting Tuesday 14/09

To prevent chaos at our workshops, we will start a registration list. Starting at 12:00 on Tuesday 14/09, you can register on the workshop page. Details are given there.

Most workshops will be given on both days, so you have two options. Arrive early (5 minutes before the start). Even if you don't have a spot, drop by to see if anybody didn't show up.

If a lot of people miss out on a workshop, we will try to work something out for next year. So let's keep it fun and orderly for everyone.

We have some more surprises for you this week, so stay tuned. Online registration closes next Friday.

Sep 9, 2010

Last week of BruCON tickets online sales

As the conference is rapidly approaching, we want to remind everyone that online sales stop in one week. The last day of online registration is the 17th of September, to ensure that payments are received in time. Afterwards, we only accept cash at the door and cannot guarantee entrance, as we are almost sold out. So please register in time. More information at http://2010.brucon.org/index.php/Tickets

We have a great track of presentations, workshops, a hardware area full of practical demonstrations, a live podcast meetup, lightning talks, powerpoint karaoke and much much more.... so come over!!! Don't forget the hallway track because it's all about you!

Sep 8, 2010

Two free tickets for the BruCON Security Conference

We are doing a special promotion. The next two registrations for the Social Engineering (for Pentesters) course will also get a free ticket for the BruCON conference.

You can find more details about this course here. You can listen to Sharon Conheady on the latest Eurotrash Security Podcast episode (mp3), where she explains why social engineering is important and how easily it is used.

Aug 25, 2010

BruCON Schedule 0.6 released

With only one month to go, we are releasing a beta version of our schedule. It's packed with good stuff, so don't wait too long to get your ticket.

We accept (online) registrations only until the 17th of September. Door prices will be slightly higher.

There is still the possibility to register for our Training sessions by some international experts:

Aug 11, 2010

Winner and solution of TheHexFactor sample challenge

The first person to answer the challenge completely was Philippe Teuwen. Kudos for solving this challenge on the same day. Since he already has a ticket, he receives a T-shirt, and the prizes go to the runner-up, Mark Hillick!

For those who wondered what the correct answer was, here is the solution:
  • Hidden.rtf is hidden in vader.gif using steganography, with the payload encrypted with the IDEA cipher. Using the passphrase "hexfactor", the file can be extracted.
  • Hidden.rtf contains the following URL: http://blog.remes-it.be/wp-content/uploads/2010/07/poodleman.jpg
  • The metadata of poodleman.jpg contains UHJpbnNlbmdhbGVyaWosIEJydXNzZWwsIEJlbGdpdW0=
  • That base64 string decodes to: Prinsengalerij, Brussel, Belgium
  • With Google Maps, you can find the location and retrieve pictures taken nearby. The famous statue is among them: Jeanneke Pis
  • With tineye.com, you can find out which other sites host the poodleman picture:
    http://daviddust.blogspot.com/2009/11/happy-couples.html
    http://picturewar.wordpress.com/
    http://blog.stuttgarter-zeitung.de/category/dumm-gelaufen-dg/
    http://awkwardfamilyphotos.com/2009/11/07/sns-mans-bff/
    http://profile.myspace.com/index.cfm?fuseaction=user.viewprofile&friendid=189401
    http://www.cutewithchris.com/formal_cat_portraits/index.html
    http://www.magazine13.com/awkward-family-photos/
    http://poorlydressed.com/
    http://ffffound.com/image/d0153c516c834df263886b518bcc77f827eb4508
    http://www.spock.com/q/%5EDog-Groomer%5E
    http://squat.net/overtoom301/pages/events.html


For those who want to have more fun and learn new stuff.... come over to BruCON and play TheHexFactor! The venue will stay open all Friday evening so you can play after the last presentations to your heart's content.
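The third and fourth steps of the solution (find the string in the image metadata, then base64-decode it) can be automated. The script below is an added example, not part of the original post or of the Hex Factor team's material: it walks the JPEG header segments, picks out COM and APPn segments (where comments, JFIF, Exif and XMP data live), and reports any payload that is valid base64 for printable text. The sample JPEG is constructed in the script itself, with the challenge string placed in a COM segment; where the real poodleman.jpg kept its metadata is not stated on the page, so that placement is an assumption.

```python
import base64
import binascii
import re
import struct

SOI, EOI, SOS, COM = 0xD8, 0xD9, 0xDA, 0xFE
APP0 = 0xE0


def jpeg_segments(data: bytes):
    """Yield (marker, payload) for every header segment that precedes the image data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected 0xFF at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                               # fill byte before a marker
            pos += 1
            continue
        if marker in (EOI, SOS):                         # entropy-coded data follows SOS; stop
            return
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:     # TEM / RSTn carry no length field
            pos += 2
            continue
        if pos + 4 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])   # length includes its own 2 bytes
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError(f"bad segment length {length} at offset {pos}")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length


_B64 = re.compile(rb"^[A-Za-z0-9+/]+={0,2}$")


def decode_if_base64(blob: bytes):
    """Return the decoded text if blob is base64 of printable UTF-8 text, else None."""
    s = blob.strip()
    if len(s) < 8 or len(s) % 4 or not _B64.match(s):
        return None
    try:
        out = base64.b64decode(s, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    return out if out.isprintable() else None


def find_hidden_text(jpeg: bytes) -> list:
    """Return (segment name, raw payload, decoded text or None) for each COM/APPn segment."""
    hits = []
    for marker, payload in jpeg_segments(jpeg):
        if marker == COM or 0xE0 <= marker <= 0xEF:
            name = "COM" if marker == COM else f"APP{marker - 0xE0}"
            hits.append((name, payload, decode_if_base64(payload)))
    return hits


def _segment(marker: int, payload: bytes) -> bytes:
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample (not the real poodleman.jpg): a JFIF APP0 header, a COM segment
# carrying the challenge string, and an EOI. No scan data is needed for header parsing.
SAMPLE_JPEG = (
    b"\xff\xd8"
    + _segment(APP0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    + _segment(COM, b"UHJpbnNlbmdhbGVyaWosIEJydXNzZWwsIEJlbGdpdW0=")
    + b"\xff\xd9"
)

if __name__ == "__main__":
    for name, raw, text in find_hidden_text(SAMPLE_JPEG):
        print(f"{name}: {raw[:48]!r} -> {text!r}")
```

On a real file, replace SAMPLE_JPEG with `open(path, "rb").read()`. Exif (APP1) payloads are TIFF structures rather than bare text, so a string hidden in an Exif tag needs the TIFF directory parsed as well; this example only recognises payloads that are base64 as a whole, which is enough for a plain JPEG comment.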


Aug 10, 2010

OMG we have been hacked. OH: Not really

Today, some people on the internet discovered the properties of a wiki: editing pages. Just like the Chaos Communication Conference (CCC) and other similar conferences, we deployed a wiki so that users could actively contribute to the conference: schedule workshops, share travel tips, help us make wallpapers and upload them, etc.

Although critical pages are locked down, a lot of pages can be edited by our volunteers and visitors. That's the nature of a wiki, and the purpose is to be interactive with the community. The downside is that sometimes people misinterpret this as an opportunity for evil and vandalism. Like @securityshell discovered today.

Yes, although we have quite good anti-bot protection, we are not protected against this kind of people. We could lock the wiki down further, but that is against the open nature of our wiki. It only wastes the time of our wiki admin, who is a volunteer himself with a real full-time job and hobbies.

Making text insertions, putting iframe code in them (which displays as normal text and doesn't work), taking screenshots of it for your blog and claiming our website contains malware, well, is not much proof at all. If you know anything about MediaWiki, you know that you can't insert code like that. Above all, it's a total waste of time, yours and ours. We can assure you, no harm was done except wasting the time of our wiki admin to undo some wiki vandalism. We would hate to have to make the wiki less accessible. Go to Wikipedia, the 26C3 or the 27C3 wiki soon and have fun there as well. It won't make you a lot of friends in the community. So please stop.

Best Regards
The sysadmin
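The reason an `<iframe>` pasted into a wiki page shows up as literal text is output sanitisation: the wiki only emits tags from an allowlist and HTML-escapes everything else. The sketch below is an added example, not MediaWiki's sanitizer and not code from the BruCON wiki; its allowlist, the `SAFE_SCHEMES` prefix check and the class name are assumptions chosen for illustration. It uses only the standard library `html.parser`.

```python
import html
from html.parser import HTMLParser

# Hypothetical allowlist, far smaller than a real wiki's (assumption for this example).
ALLOWED_TAGS = {"b", "i", "u", "p", "br", "ul", "ol", "li", "code", "pre", "a"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_SCHEMES = ("http://", "https://", "/")   # blocks javascript:, data:, vbscript: hrefs


class AllowlistSanitizer(HTMLParser):
    """Re-serialise input HTML, keeping only allowlisted tags and attributes.

    Anything not on the list is emitted as escaped text, so the browser
    displays '<iframe ...>' instead of loading a frame.
    """

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            # Unknown tag: show the raw tag text, escaped, instead of dropping it silently.
            self.out.append(html.escape(self.get_starttag_text()))
            return
        keep = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue                                   # drops onclick=, style=, src=, ...
            if name == "href" and not (value or "").startswith(SAFE_SCHEMES):
                continue                                   # drops javascript: links
            keep.append(f' {name}="{html.escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(keep)}>")

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)                   # <br/> -> <br>

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append(f"</{tag}>")
        else:
            self.out.append(html.escape(f"</{tag}>"))

    def handle_data(self, data):
        # Text content (including the inside of <script>) is always escaped.
        self.out.append(html.escape(data, quote=False))


def sanitize(markup: str) -> str:
    """Return markup with only allowlisted tags live; everything else becomes visible text."""
    parser = AllowlistSanitizer()
    parser.feed(markup)
    parser.close()
    return "".join(parser.out)


if __name__ == "__main__":
    print(sanitize('<b>hello</b><iframe src="http://evil.example/"></iframe>'))
```

The allowlist approach is what makes the vandalism harmless: a denylist that strips `<script>` would still let `<iframe>`, `<object>` or an `onmouseover=` attribute through, whereas here anything unrecognised is inert text by default. A production sanitizer additionally has to deal with malformed markup, CSS in `style=`, and entity tricks inside attribute values, none of which this sketch attempts.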

Aug 6, 2010

Hints for the Hex Factor sample challenge

You still have till Monday to send in your answer but here is a little tip: to have an IDEA about the HIDDEN message in the picture, you just need to focus on the "hexfactor" (lowercase) ;-)

Aug 5, 2010

Win a prize: a Hex Factor sample challenge

Showing you a little more of what you can do or see during 24 & 25 September. The Hex Factor is a challenge that introduces people to the world of security in all its different aspects, and lets experienced professionals improve their current skill set. It is not only a contest for the most elite hacker(s); the challenges are broad and meant to be fun for everyone. Visit the BruCON wiki for more details about this challenge.

There will be prizes for the winners, ranging from T-shirts up to some cool hardware prizes. More updates on this in the coming weeks. But you can already win a small prize now. Below is a sample challenge that will earn you the following prize:
The challenge will be open until Monday 9th of August 10:00 (GMT+1).

We are looking for a location in Brussels. The picture on this page contains all the information needed for the challenge.



a) what is the location we are looking for ?
b) which famous statue can be found in the vicinity of this location ?
c) how was the "secret" information hidden in the picture on this website ?
d) how did you find the location we were looking for ?
* bonus :
e) give at least 4 websites that host the file which contained the location ? (more is better)


Send your answers to: contest @ brucon.org

Want to try more? Come play the first edition of the 2010 Hex Factor Challenge in Brussels on 24 & 25 September.

More information about the team can be found on their homepage http://www.thehexfactor.org, and for the latest developments/solutions from last year, see their blog http://blog.thehexfactor.org

Jul 27, 2010

Beer workshop @ BruCON

We promised more content and more surprises, and here is the next one: a beer workshop. Since Belgium is known for its beers, we thought it would be fun to learn how to hack together your own beer. Machtelt gave this workshop at Hacking at Random and is willing to give it at BruCON as well.
Brewing a great Belgian-style double-fermentation beer, including tasting and taking some home. You will learn the steps in the process, everything is demonstrated, with lots of info about where to get ingredients and materials, and small hacks to make your life as a brewer easier. The process takes about 2 months, but everything is prepared so we can cut the waiting time.
We want to know if there is enough interest in the workshop because it takes time and materials to prepare. So if you are interested, please let us know (poll).

Jun 30, 2010

First Diamond sponsors

BruCON is proud to announce two of the confirmed Diamond sponsors for our conference:






Both organizations were sponsors of our first edition last year, and we are very happy to receive their support and commitment again to make this non-profit conference an open platform to discuss critical infosec issues, privacy, information technology and its cultural/technical implications for society.

Some of our sponsors will be present during the conference with a small booth, providing some presents for our visitors. We encourage you to pay them a visit to see what they have to say.

Hardhack.org featuring at BruCON

Our hardware hacking area with Mitch Altman will be joined by the hardhack.org crew!
hardhack.org is a hands-on hardware event. It will include hands-on workshops and demos showcasing a large variety of open source hardware, hardware kits, and hardware hacking. The workshops include soldering, firmware hacking, and other open source hardware topics. The aim is to encourage hands-on exploration of hardware rather than presentations. Kits will be for sale at the event and tools will be provided.
As we said, we still have some surprises for the coming BruCON event. And what is even better: Friday evening will be Fracknight, meaning open and free access to the hardhack area for everyone!!! The only limitation is our venue capacity... as long as we don't exceed 400 people, for fire safety reasons, you are free to come to BruCON and have fun with us in the hardware hacking area (from 20:00 till ????). The bar will also remain open, of course.
Come solder your first brainwave machine or TV-B-Gone, or whatever crazy invention you're bringing yourself!!! There will be several workshops during the day, including a DIY arcade box workshop.

We have more good news, but let's not spoil everything at once. The only bad news is that you have to wait until the 24th of September for all the fun at BruCON!!!

Jun 23, 2010

Bonus: 2 extra presentations and 1 workshop

With 7 days to go before the end of our early bird tickets, we are announcing some bonus presentations and workshops:
Have a look at the complete schedule at

http://2010.brucon.org/index.php/Schedule


Stay tuned to our RSS feed or mailing list, since we have MORE surprises coming for you!!! Don't forget the early bird ends for our training sessions as well!

Jun 16, 2010

BruCON - The Barcelona connection

Another security conference is taking place in Barcelona, Spain, in the same week as BruCON, but luckily not on the same days. This creates a great opportunity to visit both conferences.

Although we are not officially affiliated, SOURCE Barcelona has offered BruCON attendees a 50% discount to visit their conference. Simply use the code "SOURCEBru10" at registration (www.sourceconference.com). With flights starting at 109 euro between BRU and MAD, this could be a tempting offer.

Tapas in Barcelona, beers in Brussels? You decide.

Jun 15, 2010

BruCON speaker/trainer at OWASP BE meeting Wednesday 16th of June on SQL injection

Joe McCray is in Brussels and will give a talk on SQL injection at an extra OWASP BE meeting on Wednesday 16th of June.

Joe is also a BruCON 2010 speaker and trainer. He will give the presentation "You Spent All That Money And You Still Got Owned" next September.

Abstract: This talk will focus on practical methods of identifying and bypassing modern enterprise-class security solutions such as load balancers, network- and host-based Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF), and Network Access Control (NAC) solutions.

The goal of this talk is to show IT personnel the common weaknesses in popular security products and how those products should be configured.

He is also giving a pentesting class based on this, called Pentesting High Security Environments.

This course will focus on penetration testing techniques that can be used when testing highly secured environments such as three-letter agencies, the DoD, financial organizations, federal organizations, and large companies. If you are tired of attacking unpatched Windows 2000 servers in your hacking courses and want to take a course where you will be attacking new operating systems/applications that are patched, locked down, and protected with an IDS/IPS, then this is the course for you.

The first day of the course starts with attacking heavily protected environments from the outside and dealing with Network-Based IDS/IPS. Next is attacking web applications and dealing with Load Balancing, common application security measures in PHP/ASP.NET, and Web Application Firewalls.

The second day covers attacking from the LAN, dealing with NAC solutions, locked down workstations/GPOs, and Host-Based IDS/IPS. The last section of the course covers gaining control of Active Directory.

Joe McCray has 8 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Joe is a frequent presenter at security conferences, and has taught the CISSP, CEH, CHFI, Security+, and Web Application Security at Johns Hopkins University (JHU), University of Maryland Baltimore College (UMBC), and several other technical training centers across the country.

Want to join the OWASP BE Meeting????

WHEN

June 16th 2010 18h-20h

WHERE

Location is sponsored by Zenitel Belgium.

Location: Zenitel Belgium, Z.1. Research Park 110 – 1731 Zellik, Belgium (same building as http://www.u2u.net/Route.aspx)

PROGRAM

* 18h00 - 18h30: Welcome & Refreshments
* 18h30 - 18h45: OWASP Update (by Sebastien Deleersnyder, Zenitel, OWASP Board)
* 18h45 - 20h00: Advanced SQL Injection (by Joe McCray, Learn Security Online)

More information can be found at http://www.owasp.org/index.php/Belgium#tab=Chapter_Meetings .

WHO should attend?

Anyone interested in Web Application Security (management, security professionals, developers, students, etc.). OWASP Belgium chapter membership is free. All meetings are free. There are never vendor pitches or sales presentations at OWASP meetings.

Check our chapter page http://www.owasp.org/index.php/Belgium for meeting details, sign up to the chapter mailing list and introduce yourself.

REGISTRATION

Please send a mail to 'belgium at owasp.org' if you plan to attend, so we can size the venue appropriately and keep you updated on last-minute changes.

Jun 3, 2010

Be a part of BruCON. Give a lightning talk!

Do you have something interesting to share that you can tell in 5 minutes? Go to our wiki and sign up for a lightning talk! It doesn't have to be mind-blowing research or 0-days; your favorite tool or project might be interesting to others as well!! Lightning talks are presentations of about 5 minutes. Death by bullet point is not allowed.

One of our speakers, Craig Balding, together with blogger Chris John Riley, has offered to coordinate the lightning talks, which will result in an hour that is both educational and entertaining. This year the talks will be held on the main stage. Word got out quickly and a lot of the slots have already been taken, so be fast to get one of the last ones!

More details on
http://2010.brucon.org/index.php/Lightning_Talks

Note: to avoid unnecessary questions, you get nothing in return for giving a lightning talk, except 5 minutes in the spotlight, interesting feedback and maybe a beer from someone in the audience.

May 26, 2010

Updates on BruCON 2010 Presentations and Workshops

If you weren't sure about buying a ticket for BruCON, we have updated our schedule page with the BruCON 2010 presentations and workshops. A final schedule will appear by August, but these are the details of the confirmed talks and workshops.

BUT this is not all; there are a few MORE things we have in mind for you, and we will publish them in the coming weeks. Let's say we don't want to spoil all the surprises at once.

Be aware that there are only a handful of "early bird" basic tickets left. So be fast. These tickets include all the meals for two days, if you want to compare these prices to other events. We still run as a non-profit event run by volunteers. Feel free to support us in any way you like.

Training sessions are still available before the conference, and you can get some unique courses by international experts that you won't find anywhere else.

List of trainings:

May 10, 2010

Three extra good reasons to attend BruCON

Besides the schedule we are about to launch, here are three extra good reasons to attend BruCON:
  1. The Hex Factor: this test of your skills is back to teach everyone, from beginner to advanced expert, network admin to pentester, some new tricks. Learn more about The Hex Factor at http://www.thehexfactor.org and follow their blog as well! They will release the solutions from 2009 on their blog on a weekly basis; they launched the first one today! More at http://blog.thehexfactor.org/
  2. Live Podcaster Meetup: several security podcasts will give a live show with prizes during BruCON. These include: Pauldotcom, Exotic Liability, Eurotrash Security and Tracsec. Tune in to some of these podcasts to get some inside news on BruCON 2010.
  3. Hardware Hacking Lab: learn to make fun things with microcontrollers. Mitch Altman and some other people will give fun workshops on how to hack/build your own projects, from making your own LED blinking board to making your own arcade box. For all levels, from beginner to advanced user. Bring your own projects to work on or buy some kits there. Let's warm up those soldering irons.
Ticket sales started over a month ago and more than half of the early bird tickets are gone, so don't wait too long to buy your ticket at a discount!

May 3, 2010

BruCON 2010 Keynote: Memoirs of a Data Security Street Fighter by Mikko Hypponen

While we are reviewing all the CFP submissions, we can already disclose our 2010 keynote speaker: Mikko Hypponen, with "Memoirs of a Data Security Street Fighter".

Abstract:

- 20 years, and what have we got?
- Where did we go wrong?
- Why can't we fix these things?
- Is it going to get better or worse?

Bio:

Mikko Hypponen is the Chief Research Officer for F-Secure. He named the Storm worm. He spoke at the legendary Rubicon conference in Detroit before it was shut down. He holds US patent 6,577,920. He does his own stunts.

Expect more news about our upcoming schedule in the next weeks, so stay tuned to our news channels!

Apr 23, 2010

2010 Sneak peek: Presentation from Paul Asadoorian: Embedded System Hacking and My Plot To Take Over The World

We are happy to announce that Paul Asadoorian, also known from the @Pauldotcom security podcast, will be giving a presentation at BruCON: "Embedded System Hacking and My Plot To Take Over The World". This is just one of the many excellent presentations and workshops we have in store for the 2010 edition. More will be announced in the coming days.

Abstract:
Embedded systems, the purpose-built systems that surround us, pose more of a threat to your data and infrastructure than ever before. As Moore's law is proven time and again, we as a society are seeing more and more embedded systems helping us in our daily lives. Each time we use the computer on our home cable modem network, print an important document, or use a wireless network, there is typically some kind of embedded system involved. These systems now carry our data, from your computer to your online banking site, from the coffee shop network back to your corporate VPN. While embedded systems have made our lives easier, their security is largely an afterthought. This presentation will take a look at common vulnerabilities in popular embedded systems that carry sensitive data every day.
Paul is also giving training during the BruCON training sessions on 22 & 23 September: Advanced Vulnerability Scanning Techniques Using Nessus. Have a look at our training sessions for other excellent education opportunities.

Stay tuned for more announcements. Don't forget, you can still submit to our Call for Participation until next week!!!

Apr 12, 2010

Announcing 1st Workshop: Malicious PDF Analysis

Our ticket sales started a few weeks ago. Although our CFP is still running, we'll start giving sneak peeks at the upcoming program of the 2010 BruCON edition. This might convince some of you to grab that ticket at the early bird price, since those are limited in number.

With great pleasure we are announcing an exclusive workshop by Belgian security researcher Didier Stevens! And what better subject could there be than a workshop on malicious PDF analysis!

Workshops are part of the conference, and we will announce more about these and upcoming presentations in the coming week, so stay tuned! Also take a look at the BruCON training tracks prior to the conference.

Abstract:

This workshop will teach you the fundamentals you need to know to analyze (malicious) PDF documents. Didier Stevens will familiarize you with PDFiD and pdf-parser, two essential tools for PDF analysis that he authored. The workshop is hands-on: bring your laptop, start the VM we provide (VMware or VirtualBox) and you're ready to go! The Linux VM contains the tools and PoC samples for the exercises in the workshop. We start with a very simple PoC malicious PDF file (you could even analyze this PoC file with Notepad or vi) to lay out the fundamentals, and then work through more complex examples.

Each attendee will receive a copy of a 20+ page PDF analysis document Didier Stevens authored. And yes, this document will be provided in the Portable Document Format, but hey, when you successfully complete this workshop, you will know how to identify malicious PDF files ;-)

Bio:

Didier Stevens (CISSP, GSSP-C, MCSD .NET, MCSE/Security, RHCT, OSWP) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company (www.contraste.com). You can find his open source security tools on his IT security related blog at blog.DidierStevens.com.

Didier is a well-known expert on malicious PDF documents and authored the tools PDFiD and pdf-parser to assist with the analysis of PDF documents. PDFiD is one of the engines running on VirusTotal.
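What a first-pass triage of a PDF looks like, in the spirit of the PDFiD tool the workshop covers: count the structural tokens and the names that let a document run code, after undoing the `#xx` name escaping that is used to hide `/JavaScript` from a plain grep. This is an added example written for this page, not PDFiD itself and not code from Didier Stevens; the keyword list, the `is_suspicious` rule and the sample PDF are assumptions chosen to illustrate the idea.

```python
import re

# Names worth counting (a subset of what PDFiD reports; chosen here for illustration).
KEYWORDS = (
    b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
    b"/EmbeddedFile", b"/RichMedia", b"/ObjStm", b"/Encrypt",
)
STRUCTURE = (b"obj", b"endobj", b"stream", b"endstream", b"xref", b"trailer")


def normalize_names(data: bytes) -> bytes:
    """Resolve #hh escapes so that /J#61vaScript is counted as /JavaScript.

    PDF allows any byte in a name to be written as #hh; malicious files use that
    to defeat naive keyword scanners.  Applying it file-wide is a triage shortcut,
    not a PDF lexer: '#hh' inside stream data is rewritten too, which is harmless
    for counting purposes.
    """
    return re.sub(rb"#([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), data)


def count_keywords(data: bytes) -> dict:
    """Count structural tokens and risky names in a PDF, PDFiD-style."""
    norm = normalize_names(data)
    counts = {}
    for tok in STRUCTURE:
        # Letter boundaries on both sides: 'obj' must not match inside 'endobj'.
        pattern = rb"(?<![A-Za-z])" + tok + rb"(?![A-Za-z])"
        counts[tok.decode()] = len(re.findall(pattern, norm))
    for kw in KEYWORDS:
        # Trailing boundary only: '/JS' must not match '/JSX', but '/' already delimits the start.
        pattern = re.escape(kw) + rb"(?![A-Za-z0-9])"
        counts[kw.decode()] = len(re.findall(pattern, norm))
    return counts


def is_suspicious(counts: dict) -> bool:
    """Heuristic verdict: script that runs without a click, or a /Launch action."""
    has_script = counts["/JavaScript"] or counts["/JS"]
    auto_run = counts["/OpenAction"] or counts["/AA"]
    return bool((has_script and auto_run) or counts["/Launch"])


# Constructed sample, not a real malicious file: the catalog's /OpenAction points at a
# JavaScript action whose /S name is written with a #61 escape to hide the 'a'.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [] /Count 0 >>
endobj
3 0 obj
<< /S /J#61vaScript /JS (app.alert('constructed sample')) >>
endobj
trailer
<< /Root 1 0 R >>
%%EOF
"""

if __name__ == "__main__":
    c = count_keywords(SAMPLE_PDF)
    for name, n in c.items():
        print(f"{name:>14}: {n}")
    print("suspicious" if is_suspicious(c) else "nothing obvious")
```

Counting is only the first step, which is why the workshop pairs PDFiD with pdf-parser: keywords inside a FlateDecode stream or an object stream (`/ObjStm`) are invisible to this scan until the stream is decompressed, so a high `/ObjStm` count with nothing else flagged is itself a reason to look closer rather than a clean bill of health.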

Mar 22, 2010

Announcing BruCON Training #5: Advanced Vulnerability Scanning Techniques Using Nessus by Paul Asadoorian (@pauldotcom)

Course abstract:

This course teaches advanced scanning techniques by using a real-world scenario to demonstrate how these techniques help to solve problems in an example work environment. In this course you (or you and your team) will take on the role of a brand new security engineer for a financial company. You will be tasked with configuring and auditing a system to be used within your network environment. The system, and associated applications, make up the environment used to manage the business. Currently, the old systems are in place and an upgrade is planned. The current vulnerability scanning process takes over a week to complete and there is duplication of effort and a known false positive rate. Additionally, breaches have occurred on the network and your company is in jeopardy of being fined due to compliance violations. The vulnerability management process is missing vulnerabilities that were exploited by attackers. A sample system has been provided for you, that exactly mirrors what will be used in production, right down to the passwords and configuration.


Paul Asadoorian - Biography

Paul Asadoorian is currently the “Product Evangelist” for Tenable Network Security, where he showcases vulnerability scanning and management through blogs, podcasts and videos. Paul is also the founder of PaulDotCom, an organization centered around the award winning “PaulDotCom Security Weekly” podcast that brings listeners the latest in security news, vulnerabilities, research and interviews with the security industry’s finest. Paul has a background in penetration testing, intrusion detection, and is the author of “WRT54G Ultimate Hacking”, a book dedicated to hacking Linksys routers.

More information on the course can be found here.

Mar 17, 2010

Early bird tickets will be available starting Monday 22 March

This is a little advance notice that our ticket sales will start on Monday 22 March around 13:00 GMT+.

Tickets will be available starting at 90 euro including three meals (breakfast, lunch and dinner) for both days! We are convinced this will be affordable for everyone and was only made possible by all the volunteers organizing and helping out at the conference as well as the organizations supporting us.

Our schedule is not available yet as our Call for Papers still runs till the 30th of April. If you have a fun idea, topic or workshop idea for the conference, please let us know!

To have an impression of what our conference has to offer, have a look at last year's edition.

If you need travel and lodging advice, please have a look at our Travel page.

You can read about all the details and conditions of our tickets at
http://2010.brucon.org/index.php/Tickets

Don't wait to buy your ticket as we only have 400 seats!

Mar 16, 2010

Announcing BruCON Training #4: Assessing and Exploiting Web Applications with Samurai-WTF

Course abstract:

This course will focus on using open source tools to perform web application assessments. The course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF). Day one will take students through the steps and open source tools used to assess applications for vulnerabilities. Day two will focus on the exploitation of web app vulnerabilities, spending half the day on server side attacks and the other half of the day on client side attacks. The latest tools and techniques will be used throughout the course, including several tools developed by the trainers themselves.

Justin Searle - Biography

Justin Searle, a Senior Security Analyst with InGuardians, specializes in penetration testing and security architecture. Justin currently leads the Smart Grid Architecture group of the Cybersecurity Coordination Task Group (CSCTG) for the National Institute of Standards and Technology (NIST) and serves as a member of the Architecture Board for the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG) group.
Previously, Justin served as JetBlue Airways' IT Security Architect and has provided top-tier support for the largest supercomputers in the world. Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities and corporations.
Justin has presented at top security conferences including DEFCON, ToorCon, ShmooCon, and SANS. In his rapidly dwindling spare time, Justin co-leads prominent open source projects including The Middler, Samurai Web Testing Framework, and the social networking pentest tools: Yokoso! and Laudnum. Justin has an MBA in International Technology and is CISSP and SANS GIAC-certified in incident handling and hacker techniques (GCIH) and intrusion analysis (GCIA).

More information on the course can be found here.

Mar 8, 2010

Announcing BruCON Training #3: Social engineering (for pentesters)

In 2007, one of the biggest diamond robberies ever took place. The thief used no violence. He used one weapon -- his charm -- to gain confidence. He bought chocolates for the personnel, he was a nice guy, he charmed them, got the original keys to make copies and got information on where the diamonds were. You can have all the safety and security you want, but if someone uses their charm to mislead people it won't help.

Course abstract: Social engineering attacks can have disastrous consequences, both financially and reputationally. You can have the best technical security controls in the world, from the most expensive firewall to the most sophisticated biometrics, but they will not protect you from a social engineering attack. In any security program, people are the weakest link. Social engineering tests can be used to evaluate and strengthen this link.

Like any penetration test, social engineering tests can help to identify security weaknesses that could allow your IT systems to be compromised. Such tests can:

  • Give a good indication of and even improve your staff’s level of security awareness
  • Teach your staff how to identify and deal with social engineering situations
  • Provide valuable recommendations on both security awareness and physical security

However, it can be difficult to know how to conduct a social engineering test. This two-day training course will teach participants how to conduct an ethical social engineering test, the theory behind social engineering, as well as giving recommendations on how to defend against social engineers. The course will include practical exercises and is open to anyone with an interest in social engineering.

Sharon Conheady – Biography

Sharon Conheady is a Director at First Defence Information Security in the UK where she specializes in social engineering. She has social engineered her way into dozens of organizations across the UK and abroad, including company offices, sports stadiums, government facilities and more. She has presented on social engineering at security conferences including Deepsec, Recon, Brucon, CONFidence, ISSE, ISF, SANS Secure Europe and more.

After inventing the Internet alongside Al Gore, Sharon moved on to the development of security protocols that were used to crack 128 bit encryption. She holds a degree in Computer Science from Trinity College Dublin and a MSc in Information Security from Westminster University. Three times winner of the Nobel Prize, Sharon enjoys belly dancing and space travel.

If you see Sharon around your office, she kindly requests that you open the door to let her in.

Martin Law – Biography

Martin Law has over 19 years security expertise and has been performing social engineering tests since 1994. He specializes in accessing datacenters by using social engineering techniques and bypassing physical security like a geeky James Bond.

Martin also undertakes investigations into actual or suspected security breaches, and specializes in the area of Information Warfare. He attempts to breach not only the logical security of systems and networks, but also the physical security of the infrastructure and buildings, including the use of social engineering when engaged in an “All-Out-Attack” against an enterprise.

“If you can't go through the firewall, go through the secretary” -- Sharon Conheady

More information on the course can be found here.

Mar 4, 2010

Announcing BruCON Training #2: A crash course in pentesting and securing VOIP networks

BruCON is proud to announce this second training session. More training sessions will be published in the following days, so check back regularly.

Abstract:

As VoIP networks become more and more part of the way organizations communicate, security professionals need to understand their strengths and weaknesses. This knowledge will help them make sound decisions on the security (or lack thereof) of their VoIP system and network.

Attendees who follow the VoIP security training will gain valuable hands-on experience in testing VoIP equipment and networks. During the training they will make use of existing security tools as well as custom built tools to help them get the job done.

These are some of the hands-on topics that are covered:
  • VLAN Hopping
  • Fingerprinting VoIP devices
  • Abusing SIP
  • Toll fraud issues
  • Wiretapping VoIP phone calls
  • Denial of service attacks
  • Attacks on VoIP configuration interfaces
    • web application attacks
    • default configuration issues
  • Covert channels through VoIP

BIO trainers:

Sandro Gauci is the owner and Founder of EnableSecurity (www.enablesecurity.com) where he performs R&D and security consultancy for mid-sized companies. Sandro has over 9 years experience in the security industry and is focused on analysis of security challenges and providing solutions to such threats. His passion is vulnerability research and has previously worked together with various vendors such as Microsoft and Sun to fix security holes. Sandro is the author of the free VoIP security scanning suite SIPVicious (sipvicious.org) and VOIPPACK for CANVAS.

Joffrey CZARNY works for the Devoteam Security Business Unit (FR). He has been a pentester since 2001, has released advisories on Cisco VoIP products and has spoken at various security-focused conferences (Wireless Conference at Infosec Paris and Wireless Workshop at Hack.lu 2005, VoIP at Hack.lu 2007/2008 and ITunderground 2008/2009). On his site, www.insomnihack.net, he maintains the Elsenot project ("http://insomnihack.net/elsenot/") and posts video tutorials and tools on several security aspects.

For more information, visit our website.

http://2010.brucon.org/index.php/Training

Announcing BruCON Training #1: Pentesting High Security Environments

BruCON is offering for a second year some state of the art training sessions at an affordable price. The first training we announce is "Pentesting High Security Environments". More training sessions will be published in the following days, so check back regularly.

Abstract:

This course will focus on penetration testing techniques that can be used when testing highly secured environments such as 3-letter agencies, DoD, financial organizations, federal organizations, and large companies. If you are tired of attacking unpatched Windows 2000 Servers in your hacking courses and want to take a course where you will be attacking new Operating Systems/Applications that are patched, locked down, and protected with an IDS/IPS then this is the course for you.

The first day of the course starts with attacking heavily protected environments from the outside and dealing with Network-Based IDS/IPS. Next is attacking web applications and dealing with Load Balancing, common application security measures in PHP/ASP.NET, and Web Application Firewalls.

The second day covers attacking from the LAN, dealing with NAC solutions, locked down workstations/GPOs, and Host-Based IDS/IPS. The last section of the course covers gaining control of Active Directory.

BIO Trainer:

Joe McCray has 8 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Joe is a frequent presenter at security conferences, and has taught the CISSP, CEH, CHFI, Security+, and Web Application Security at Johns Hopkins University (JHU), University of Maryland Baltimore College (UMBC), and several other technical training centers across the country.

For more information, visit our website:

http://2010.brucon.org/index.php/Training

Feb 15, 2010

BruCON 2010: Call for Papers

Call for Papers BruCON.v2 2010: Hacking for B33r
================================

Brussels, Belgium -- This is a call for papers and participation for the second BruCON edition, a 2-day Security and Hacking Conference, full of interesting presentations, workshops and security challenges.

BruCON is an open-minded gathering of people discussing computer security, privacy, and information technology. The conference tries to create bridges between the various actors active in the computer security world, including but not limited to hackers, security professionals, security communities, non-profit organizations, CERTs, students, law enforcement agencies, ...

The conference will be held in Brussels (24 & 25 September 2010) at The Surfhouse (www.surfhouse.be).

Scope
====

Topics of interest include, but are not limited to:

* Electronic/Digital Privacy
* Wireless Network and Security
* Attacks on Information Systems and/or Digital Information Storage
* Web Application and Web Services Security
* Lockpicking & physical security
* Honeypots/Honeynets
* Spyware, Phishing and Botnets (Distributed attacks)
* Hardware hacking, embedded systems and other electronic devices
* Mobile devices exploitation, Symbian, P2K and bluetooth technologies
* Electronic Voting
* Free Software and Security
* Legal and Social Aspect of Information Security
* Software Engineering and Security
* Security in Information Retrieval
* Security aspects in SCADA, industrial environments and "obscure" networks
* Forensics and Anti-Forensics
* Mobile communications security and vulnerabilities
* Information warfare and industrial espionage
* Social Engineering
* Virtualisation Security
* ...

Deadlines
======

The following dates are important if you want to participate in the CfP:
  • Abstract submission: no later than 30th of April 2010
  • Notification date: around mid May 2010
  • Full paper/presentation submission: no later than 31st of July 2010

Submissions can be entered at https://cfp.BruCON.org/submission

For further information and questions, please feel free to contact cfp at_sign BruCON.org


Submission Guideline (for standard paper track)
==============================

Authors are encouraged to submit a paper in English or presentation slides, using a non-proprietary and open electronic format.

Abstracts are limited to 500 words. Submissions must be sent via https://cfp.BruCON.org/submission.
You can contact us if any errors or issues occur.

The program committee will review all papers and the author of each paper will be notified of the result, by electronic means.

The more details you provide, the more chance you have to get your talk approved!

Submissions should also include the following:

1. Presenter, and geographical location (country of origin/passport) and contact info.
2. Brief biography, list of publications or papers.
3. Any significant presentation and/or educational experience/background.
4. Reason why this material is innovative or significant to the BruCON audience.
5. Optionally, any samples of prepared material or outlines ready.
6. Whether the submission has already been presented elsewhere, and if so, where.

The information will be used only for the sole purpose of the BruCON conference including the information on the public website.

We do not accept product or vendor related pitches. If your presentation involves an advertisement for a new product or service your company is offering, please do not submit. BruCON presentations should be focused on topics that are of interest to security and technology professionals who are paying attention to current trends and issues.
We want BruCON to be educational and entertaining to the attendees and the community.

Additional Speakers Info
===============

BruCON is a non-profit oriented event by and for the security and hacking community and speakers are not paid. But you will get free access to the conference and afterparty besides a visit to one of our breweries. Additionally, speakers get a bottle of "Westvleteren" beer for giving a talk.

However, financial help on travel expenses and accommodation is possible. It needs to be agreed upon after acceptance of the submission, though. Feel free to state your requirements in the application when submitting your lecture with a cost estimate and we'll work something out!

Lectures should not exceed 45 minutes plus up to 10 minutes for questions and answers. The spoken language of a lecture will be English.

Publication and Rights
==============

Authors keep the full rights on their publication/papers but grant a right to redistribute their papers for the BruCON conference and its related electronic/paper publication under a CC-BY-NC-be license.


Sponsoring and Donations
================

If you want to support the initiative, please contact us by writing an e-mail to sponsors at_sign BruCON.org


Lightning Sessions and Workshops
=====================

During the conference, several spaces will be made available for lightning talks and workshops.

A lightning talk is a very short presentation of about 4 minutes to present an idea, a concept, a program or a cool website. About 12 persons can present during one hour.

Every BruCON attendee is very welcome to participate by submitting small ideas, presentations or workshops. The acceptance process is on a first come basis and open to anyone willing to take an active role during the conference.

The following resources are available to stay up to speed with the event:

• BruCON website : http://2010.brucon.org/
• BruCON on Twitter : http://twitter.com/brucon
• BruCON on LinkedIN : http://www.linkedin.com/groups?gid=1777141
• BruCON Blog : http://blog.brucon.org/
• BruCON Mailinglist : http://mailman.brucon.org/mailman/listinfo/brucon-announce

Feb 9, 2010

Call for Volunteers BruCON 2010

As things are starting to pick up for the 2010 edition, it's time to get all the teams organized. As BruCON is a not-for-profit and fun event for the community, we need volunteers to support it.

The purpose of this meeting is to discuss the organization of the different teams and to see who wants to take the lead in some of the teams. Everybody is welcome, but we will try to work in a different way meeting-wise compared to last year.

We welcome all feedback on the event, even if you are not a volunteer or can't be physically present for meetings. Got a cool idea for a contest, workshop or something else? Then join the mailinglist and mention your idea.

Please meet us on Wednesday the 17th of Feb at our usual meeting place around 18:30.

Location: Café Le dome
Bd. du Jardin Botanique 12-13
1000 Brussels
(Google maps)

It's just in front of the Underground Parking Rogierplein and a few minutes' walk from the Brussels North train station.

If you can't make it, feel free to mention what you want to do and send us an email. We want to thank everyone of the community in advance for their help and dedication, because you are the ones that make BruCON work!

The BruCON Coreteam.