CSides Monthly Security MeetupsCSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting occurs normally on the 3rd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.
New attendees are welcome, just come along! (There are no entry fees, and no tickets to book)
The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.
You are very welcome to propose running activites other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!
- Room N101
CSIT Building ANU
Acton ACT 2601
- Wig & Pen
William Herbert Place,
Canberra ACT 2601
- Silvio Cesare
Friday 20th October
Friday 17th November
Please ensure you come around to the back of the building, no one can enter through the front after 5pm. Please refer to the following map
Friday 8th September 2017
Talk 1: USB DropWhat happens when you drop 100 USBs between Sydney & Canberra? Over the course of a few weeks my team, a few volunteers & I decided to scatter a few seemingly harmless USB keys around and to see what happens. This talk will go through the why, the method, outcomes of the drop and what we’d do differently next time.
Edward FarrellEdward Farrell runs a security practice out of Sydney.
Talk 2: 1001 Puzzles for Geeks: Volume 1There's a new crew from Canberra tearing up the international CTF circuit just about every time they can remember to show up to the InfoSect warehouse and exhaust themselves with puzzles for a whole weekend. They claim it's not all about winning but the look of exhilaration when they see a flag on their display makes that a pretty obvious lie. The InfoSect CTF team (collective? coven?) has placed 20th, 6th and 3rd in recently played events, typically out of a few hundred teams who participate and score at least one point. In this talk, we'll take a brief run through some of the most interesting challenges the team has solved in the last few months, and get an overview of some of the tools and approaches used. There'll also be a discussion on how some of us got into such a fun-strating hobby and how you can start truly enjoying your weekend relaxation time like us.
Matt BrindleyMatt Brindley is a secure systems developer at the Australian Department of Defence with a focus on application development, system analysis and forensics. He's got a history of being a puzzle dork, played the BSides AU CTF with the CyBears, and has shown a recent pivot into masochism by playing online CTFs in earnest with an array of friends from the InfoSect community.
Friday 18th August 2017
Talk 1: Rust SecurityEvery programming language is a compromise. For instance, features that improve developer productivity might limit runtime performance and so on. When it comes to security, languages typically look to options such as garbage collection to provide a level of memory safety or encourage coding standards and static analysis to reduce bugs. This talk will look at some of the unique compromises Rust makes to try and offer its developers "safety, concurrency, and speed".
Cameron FordCameron is enthusiastic about security and software development. As a day job this means leading a small team developing tools to make red teaming faster and more reliable. In his own time Cameron can be found deving on other interesting problems that have caught his attention.
Friday 14th July 2017
Talk 1: CFG BypassCFG is meant to be robust against Arbitrary Writes from a remote attacker through its usage of Mutable Read Only Data, but Microsoft acknowledges that attacks against Mutable Read Only Data do exist and that additional work is required in future versions of Windows to fully protect CFG against them. In this talk, we'll show practical examples of such attacks, which effectively mean that in the context of for example, a browser, an arbitrary read/write primitive (or simply, arbitrary write + info leak) can be used to bypass Mutable Read Only Data, which can then be used to bypass CFG.
Alex IonescuAlex Ionescu is the Vice President of EDR Strategy at CrowdStrike, Inc., where he started as its Chief Architect almost six years ago. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last three editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as over a few dozen non-security bugs.
Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT-based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV.
Alex is also the founder of Winsider Seminars & Solutions Inc., a company that specializes in low-level system software, reverse engineering and security trainings for various organizations.
Talk 2: Not-so-bad USBRemember Bad USB? An attack so bad that every USB chip vendor recalled their products and fixed the problem? Well this talk is on my progress in trying to get it working on cheap Officeworks drives. This involves a number of broken drives and staring at hex dumps.
What will be covered:
- Quick overview of Bad USB and the drives in question.
- Obtaining files and documentation needed.
- Reversing the files and API commands used.
- Tools used and made.
- Issues encountered.