• CSides Monthly Meetups

CSides Monthly Security Meetups

CSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting occurs normally on the 3rd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.

New attendees are welcome, just come along! (There are no entry fees, and no tickets to book)

The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.

You are very welcome to propose running activites other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!

Location:

Room N101
CSIT Building ANU

Acton ACT 2601

Time:

6pm

Afterwards:

Wig & Pen
William Herbert Place,

Canberra ACT 2601

Organisers:

Silvio Cesare
Kylie McDevitt

Future Dates:

CSides will return June 2018, the break allowing us to spend time organising BSides Canberra 2018.

Please ensure you come around to the back of the building, no one can enter through the front after 5pm. Please refer to the following map

Friday 17th November 2017

Talk 1: Swift Security

New programming languages are advertised to have a wide array of improved security features that mitigate against unsafe code. Amongst other things, Apple Swift advertises that variables are always initialized before use, arrays and integers are checked for overflow, and memory is automatically managed. This talk will verify some of Apple's claims about Swift through the analysis of Swift binaries produced by the compilation process.

Christian Giuffre

Christian is intrigued by how things work on the inside. During the day he works in CrowdStrike's hunt team, finding hands on actors that have infiltrated networks across the globe. He has a particularly keen interest in understanding the implementation details of implants and binary tool kits.

Talk 2: Gophers, whales and.. clouds? Oh my!

Go, Docker and Microservices; some great technologies and buzzwords that we hear so much about on the development side of the fence, but how can we leverage these technologies to improve our offensive capacity? Armed with a passion for new tech, a vague theory, and an ‘nsa-o-matic’ approved project name; gopherblazer was born.
Whether through dockerising and improving existing tooling, leveraging Function-as-a-Service (FaaS) offerings, or just distributing offensive capabilities; I’ll share what I learned on my journey into improving my offensive capacity and productivity (while having an excuse to play with shiny technologies along the way!).

Glenn 'devalias' Grant

Glenn ‘devalias’ Grant is a full-stack, polyglot developer with an acute interest in the offensive side of security. Whether building something new or finding the cracks to break in, there is always a solution to be found; even if it requires learning something entirely new. If you can improve/automate something, do it, and if you’ve put the effort in to do so, open-source it and share it with everyone else.
When not hacking and coding, Glenn can be found snowboarding the peaks of Japan, falling out of the sky, floating around underwater, or just finding the most efficient path between A and B (even if that’s over walls). Life is short. Do the things you love, embrace the unknown, live your dreams, and share your passion.

Past Talks:

Friday 13th October 2017

Talk 1: The CSI Effect: How does Digital Forensics in the real world compare to what you see on TV?

Alicia will give an insight into Digital Forensics in the AFP and how there is no such thing as a “typical” day. She will discuss the fact that even though real life forensics isn’t like what you see on TV, it’s still pretty cool! Alicia will touch on some of the cases she’s worked on and how digital evidence is critical to the investigation and prosecution of all crime types.

Alicia Peters

After completing an IT degree, Alicia started her full-time tech career with the ATO. While working there, she discovered the emerging “Computer Forensics” field and began tertiary study again. She’s now had her dream job with AFP Digital Forensics for over 10 years.

Talk 2: L2 Attacks against virtual devices

The growth of datacentre consolidation and on-demand compute has shifted the direction of computer networks to virtualisation. With the increasing popularity of programmable networks such as Cisco ACI and VMware NSX and the industry-wide push towards network automation, we are seeing more and more networks pushed down towards the hypervisor and implemented as virtual switches. This talk investigates traditional network attacks done against network hardware and how they apply to the virtualised network successors. I will cover L2 ARP attacks, VLAN hopping and STP.

Kylie McDevitt

Kylie studied Telco Engineering at ANU in the late 90s and has a Masters in Computer Networking with CSU. She has worked primarily within Network Engineering across government and private sectors and currently is a technical security consultant specialising in computer networks. In her spare time she enjoys building and breaking networks, pushing boundaries in security and knowledge.

Friday 9th September 2017

Talk 2: 1001 Puzzles for Geeks: Volume 1

There's a new crew from Canberra tearing up the international CTF circuit just about every time they can remember to show up to the InfoSect warehouse and exhaust themselves with puzzles for a whole weekend. They claim it's not all about winning but the look of exhilaration when they see a flag on their display makes that a pretty obvious lie. The InfoSect CTF team (collective? coven?) has placed 20th, 6th and 3rd in recently played events, typically out of a few hundred teams who participate and score at least one point. In this talk, we'll take a brief run through some of the most interesting challenges the team has solved in the last few months, and get an overview of some of the tools and approaches used. There'll also be a discussion on how some of us got into such a fun-strating hobby and how you can start truly enjoying your weekend relaxation time like us.

Matt Brindley

Matt Brindley is a secure systems developer at the Australian Department of Defence with a focus on application development, system analysis and forensics. He's got a history of being a puzzle dork, played the BSides AU CTF with the CyBears, and has shown a recent pivot into masochism by playing online CTFs in earnest with an array of friends from the InfoSect community.

Talk 1: An Introduction to Embedded Security

Silvio Cesare

Friday 18th August 2017

Talk 1: Rust Security

Every programming language is a compromise. For instance, features that improve developer productivity might limit runtime performance and so on. When it comes to security, languages typically look to options such as garbage collection to provide a level of memory safety or encourage coding standards and static analysis to reduce bugs. This talk will look at some of the unique compromises Rust makes to try and offer its developers "safety, concurrency, and speed".

Cameron Ford

Cameron is enthusiastic about security and software development. As a day job this means leading a small team developing tools to make red teaming faster and more reliable. In his own time Cameron can be found deving on other interesting problems that have caught his attention.

How to drop 100 USB keys into the wild

What happens when you drop 100 USBs between Sydney & Canberra? Over the course of a few weeks my team, a few volunteers & I decided to scatter a few seemingly harmless USB keys around and to see what happens. This talk will go through the why, the method, outcomes of the drop and what we’d do differently next time.

Edward Farrell

Edward Farrell runs a security practice out of Sydney.

Friday 14th July 2017

Talk 1: CFG Bypass

CFG is meant to be robust against Arbitrary Writes from a remote attacker through its usage of Mutable Read Only Data, but Microsoft acknowledges that attacks against Mutable Read Only Data do exist and that additional work is required in future versions of Windows to fully protect CFG against them. In this talk, we'll show practical examples of such attacks, which effectively mean that in the context of for example, a browser, an arbitrary read/write primitive (or simply, arbitrary write + info leak) can be used to bypass Mutable Read Only Data, which can then be used to bypass CFG.

Alex Ionescu

Alex Ionescu is the Vice President of EDR Strategy at CrowdStrike, Inc., where he started as its Chief Architect almost six years ago. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last three editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as over a few dozen non-security bugs.
Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT-based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV.
Alex is also the founder of Winsider Seminars & Solutions Inc., a company that specializes in low-level system software, reverse engineering and security trainings for various organizations.

Talk 2: Not-so-bad USB

Remember Bad USB? An attack so bad that every USB chip vendor recalled their products and fixed the problem? Well this talk is on my progress in trying to get it working on cheap Officeworks drives. This involves a number of broken drives and staring at hex dumps.
What will be covered:

• Quick overview of Bad USB and the drives in question.
• Obtaining files and documentation needed.
• Reversing the files and API commands used.
• Tools used and made.
• Issues encountered.

Peter Filmore

Peter doesn't like writing bio's. He occasionally makes flashing badges for conferences.

Friday 23rd June 2017

Talk 1: Deception Defence: what, why and how

The concept of deception security has been around since early 1990. However, its rate of adaption has been very slow. Deception security has been primarily used for research (ad-hoc hobbyist using honeypot systems or commercial rebranding of the same systems) and rarely as a protection mechanism. The security industry has a very limited understanding of Deception security and is not using it at its full capacity. This is presentation is based on my research on Deception security. I will take you through a fun journey from deception in real world to Deception Defence. I will describe a hand-picked selection of principles in Deception Defence and demo how you can implement Deception Defence using your current technology stack (and with no additional tool). Lastly, I will touch on how Deception can be used by an adversary, i.e. Deception Offence.

Dr. Pedram (pi3ch) Hayati

Just another dude who tries to follow his passion

Talk 2: Surpassing Napoleon: Invading Russia During the Winter

Back in the ancient days of BSides Canberra 2017, three (mostly) young people got together and attempted the inaugural Counter Intelligence Simulation - Maskirovka Winter. Much to the surprise of the team and the host Dan Kennedy of Context IS, they somehow managed to reach the top of the scoreboard. In this talk, the only team member brave/dumb enough to attempt the challenge of Canberra Winter will give an overview of the various aspects of the event, the tools and techniques used to solve them, and a number of issues encountered by the team. Topics that could potentially be covered include digital forensics for beginners, investigating pcaps for fun and profit, and a smattering of analytical tradecraft.

syngularity0

syn is just some guy who once accidentally rocked up to a hacker con and now doesn't know how to get off the bus. He is usually found applying caffeinated beverages directly to his mouth, he occasionally organises SecTalks in Canberra. Easily confused by both shiny things and computers, syn's latest infosec-related achievement was utterly failing to get ransomware running on deliberately vulnerable boxes.

Friday 19th May 2017

Talk 1: BSides Entertainment System - Wearable gaming but your princess is in another castle

Just before Christmas 1995, mum purchased a Nintendo Entertainment System and asked “how long should I let them play?” to which the answer was “let them use it as much as they want, the will get sick of it”. She is still waiting for that day. In a never ending quest to make things work where they shouldn’t, the BSides NES emulator was born. Come with me across the mushroom kingdom to find hardware power ups and software pitfalls in a quest to build a device fit for a princess. Topics covered will include Arduino IDE, C/C++, MVC design, NES internals, Emulator basics, SPI, NodeMCU, Graphics and hardware optimisations.

Peter Rankin

Peter Rankin is a secure software developer for the Australian Department of Defence where he spends his time writing software applications for critical systems. Outside of work he enjoys making devices do things they shouldn’t and then never using them. Peter has previously worked as a software engineer for Robert Bosch and Thales Australia.

Talk 2: Bit Banging UART and SPI

Bit Banging is a means of communicating over physical interfaces. It works by using a microcontroller to set and sample IO lines. Bit Banging is popular method to implement support for a communications protocol on hardware lacking direct support and devices such as the Bus Pirate, GoodFET and JTagulator use it instead of providing dedicated hardware. In this talk, I will discuss my implementation of bit banging UART and SPI using an LPCXpresso 1769 ARM-based development board. SPI is the interface often seen in serial flash memory and UART is the popular serial communications interface that is common on embedded devices such as routers and IoT. A typical UART interface requires line settings such as the BAUD rate, which is different for each type of device and is required knowledge before communication occurs. Other more guessable line settings include how many data and stop bits there are, as well as knowing the parity setting. In my UART interfacing implementation I can automatically detect all of these line settings which makes it more versatile than typical UART interfacing devices. This talk is suitable for everyone with an interest in hardware, and due to the nature of bit banging, the majority of the heavy lifting is done in software.

Dr Silvio Cesare

Dr Silvio Cesare is an organiser of CSides and BSides Canberra. This year, along with co-organiser Kylie Peak, he has opened up InfoSect, an infosec hackerspace in Fyshwick.