Privacy in a Shifting Landscape

Leslie Fournier-Dupelle Governments have a unique responsibility when it comes to protecting personal information under their care for one simple reason: you can’t “vote with your feet” when it comes to filing your taxes, applying for benefits, registering to vote and so on. There has been a long understanding, underpinned by

Read more

The Avalanche of Vulnerabilities: How Fundamental Flaws in Accountability Have Lead to Increasingly Unmanageable Cybersecurity Risks

Mike Ahmadi The global expenditure of resources to manage cybersecurity issues continues to grow year over year, yet the cybersecurity challenges we are facing are rapidly outpacing our ability to get them under control. Consumers of software products (including government and business) have become increasingly reliant on software, yet we all

Read more

Remote Exploitation of an Unaltered Passenger Vehicle

Charlie Miller and Chris Valasek Although the hacking of automobiles is a topic often discussed, details regarding successful attacks, if ever made public, are non-comprehensive at best. The ambiguous nature of automotive security leads to narratives that are polar opposites: either we’re all going to die or our cars are perfectly safe.

Read more

Research in Cloud and Data Centre Security

Matthew Elder In this talk, we present three research projects conducted by Symantec Research Labs, the global research organization for Symantec, addressing the latest threats and new technologies in cloud and data center security. The first project is obfuscation research in data center security, called ShadowNet, which makes the

Read more

Tactics and Evolution of an Advanced Threat Actor

Artturi Lehtiö The tools used by advanced threat actors – so-called “APT groups” – are common fodder for whitepapers from information security companies. But what about the tactics of these threat actors? How do they actually use their tools? How do they proceed from the initial compromise of a targeted

Read more

BurpKit – Using WebKit to Own the Web!

Nadeem Douba Today’s web apps are developed using a mashup of client- and server-side technologies. Everything from sophisticated Javascript libraries to third-party web services are thrown into the mix. Over the years, we’ve been asked to test these web apps with security tools that haven’t evolved at the same pace. A common

Read more

DevOps for the Home

Kellman Meghu This is the story of one man’s personal trip to the cloud (and back) as he rebuilds his home network in a devops model, supported by virtual private cloud service. This presentation takes a micro look at cloud services, and the benefits and risks that come along with it for the average home 

Read more