Daniel Peck Principal Research Scientist, Barracuda Labs This will be a presentation focused on abusing web application APIs through the use of associated Android apps. We’ll demonstrate using the JVM based scripting language JRuby to
Kyle Wilhoit Trend Researcher, Trend Micro These attackers had a plan, they acted upon their plan, and they were successful…targeting SCADA devices that were Internet facing. This talk will profile, provide intelligence, and list actors that
Justin Seitz Senior Security Researcher, Immunity Inc. Python is the king (or queen depending on preference) of languages for security professionals, with massive adoption and many mature libraries used for a range of tasks from crafting raw
Jonathan Chow SVP & Chief Information Security Officer, Live Nation Entertainment When Jonathan Chow took the role of senior vice president and CISO at Live Nation he was stepping into unfamiliar territory. Walking away from an established,
Donato Ferrante Co-Founder & Security Researcher, ReVuln Ltd. There are two main ways to perform an attack. One way is to use 0-days and the other is to use old vulnerabilities. While using 0-days is an easy win, using old vulnerabilities
Ryan Huber Engineer, Risk I/O Application-Level Denial of Service (DoS) attacks are a threat to nearly everyone hosting content on the Internet. DoS attacks are simple to launch, but are often very difficult to defend against. Modern websites
Sandra Liepkalns Information Security Architect, Netrus Inc. We have the tools and technology to secure our systems and infrastructure, but people remain the weakest link. How many unencrypted USB sticks does it take to cause a Privacy Breach?
Paul Royal Research Consultant, Barracuda Labs Many people assume that it is safe to visit popular, long-lived websites. While anecdotal examples of popular website compromises (e.g., USAToday.com, PBS.org) contradict this expectation, there
Scott N. Wright President, Security Perspectives Inc. Since the USA PATRIOT Act of 2001 was put into law – effectively granting US government authorities more power to collect customer records from US-owned businesses, without warrants – many
Charlie Miller Security Engineer, Twitter There is a lot of hype out there about attacks on mobile devices. It’s enough to make you break out that old flip phone from 2005. In this talk, I’ll try to discern truth from reality. I’ll discuss how