CSides Monthly Security Meetups

CSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting normally occurs on the 2nd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.

New attendees are welcome, just come along! (There are no entry fees, and no tickets to book.)

The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.

You are very welcome to propose running activities other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!

Location:
Canberra Rex Hotel
150 Northbourne Ave
Braddon ACT 2612

Time:
6.00pm

Afterwards:
Swan & King Bar
Canberra Rex Hotel

Organisers:
Kylie McDevitt
Silvio Cesare

Future Dates:

  • 9th September: Sasha
  • 14th October: Courtney
  • 11th November: TBA
  • 9th December: TBA

Get ready for BSidesCbr 2023

Friday 12th August 2022

Talk 1: Pointer Authentication on the M1

This talk will discuss an exploit mitigation technique in modern ARM processors called Pointer Authentication or PAC. We'll discuss some experiments and conjectures on how Apple has implemented PAC on their M1 chips.
Cipher
Cipher is an avid CTF player for the Cybears CTF team. Every CTF he says he will learn more about reverse engineering and vulnerability research, before solely focusing on cryptography challenges. Cipher has also helped run the BSides CBR CTF for the last two events.

Talk 2: GetInjectedThreadEx - improved heuristics for suspicious thread creations

Since its debut in 2017, Get-InjectedThread.ps1 has been a blue team staple for identifying suspicious threads via their start addresses. However, red teams have subsequently identified low-cost evasion techniques to counteract this - obfuscating their shellcode threads with start addresses within legitimate modules.
This talk will outline the memory artifacts that each evasion leaves behind and the development of an updated script which may be used to detect them.
John Uhlmann
John (he/him) is a Security Research Engineer at Elastic, where he focuses on scalable Windows in-memory malware detection. Prior to this he did similar work at the Australian Cyber Security Centre.

To be updated when talks are announced, subscribe to our mailing list

Past Talks:

Friday 8th July 2022

Talk 1: How Can We Effectively Test Transient Execution Mitigations
Since the bombshell of Spectre and Meltdown dropped on the public in January 2018, there's been a steady trickle of new transient execution vulnerabilities over the years - with the recent BHI/Spectre-BHB (CVE-2022-0001 & CVE-2022-0002) as a timely reminder that this exploit class is the gift that keeps giving. Hardware mitigations have been introduced with new CPU generations, but plenty of mitigations still exist in software, typically flushing various bits of state when switching between privilege boundaries. In the ongoing conflict between security and performance, how can we reliably know that our mitigations are working? We can write tests, but mitigation testing is tricky. Exploits that abuse microarchitectural details are inherently finicky, so making a functional test that you can run everywhere isn't easy. You can instead only test if a mitigation is correctly applied, but that doesn't tell you if it actually works against an attack. In this talk, Russell will discuss pros and cons of different testing methods, detail what's currently being used by the community, and look at how we could potentially do better in the future.
Russell Currey
Russell Currey is a software engineer at IBM, leading the kernel hardening effort for Linux on POWER Systems. Russell primarily works on kernel memory protection features and automated testing of vulnerability mitigations. He also runs the public continuous integration services for Linux on POWER upstream development, and is a regular speaker at linux.conf.au.
Talk 2: Beautiful Snowflakes - Fingerprinting shared libraries for speedy offset hunting
Every time I write an exploit in pwntools, I'm kind of disappointed by how long it can take to leak enough information about a remote program to discover the offsets I need for ret2* or ROP gadgets. Given an address leak and some arbitrary read construction for a target ELF, the usual process for finding and identifying shared libraries in memory can require a significant number of reads. For remote exploitation or complex/fragile reads, this can impact on both speed and stability. In the era of BIG DATA, it seems like we should be able to do better. This talk covers an adventure in corpus building; fingerprinting approaches; and leveraging those to more effectively identify libraries loaded on a remote target with fewer reads than traditional approaches.
Matt B (maybe)
Matt is your host for the evening and somehow snuck his name onto the speaker list. Someone stop this man! During the work week, he is a security researcher with InfoSect, and on the side he tries to find time to build/play CTF with Cybears, skateboarding bears, and now skateboarding roombear (this is getting weird). Also talk to him about rhythm games :sunglasses-emoji:

Friday 10th June 2022

Talk 1: Strike Force Weenamana
A case study from the digital forensics team leader attached to a joint New South Wales Police and Australian Federal Police strike force investigating firearms trafficking on the dark net.
Simon Smalley
Simon is a red team cyber security expert with experience in National Intelligence, the Military, and Law Enforcement. He holds a Master of Cyber Security (Advanced Tradecraft) with Excellence from UNSW ADFA. He is an OSCP, eCPPT, GSLC, GSNA and IRAP assessor #1308. As a former NSW Police officer, Simon has worked in counter-terrorism and special tactics, investigations and digital forensics.
Talk 2: Evolution of State-based Offensive Cyber Operations
This talk examines the use of offensive cyber operations (those which manipulate, deny, degrade or destroy) by looking at how the activities of various states and their tactics in the space have evolved over time. It will include a first look at how Russian forces have used cyber operations during the 2022 invasion of Ukraine.
Tom Uren
Tom writes the Seriously Risky Business policy-focussed cyber security newsletter ( https://srslyriskybiz.substack.com/ ) and is a Senior Fellow at the Australian Strategic Policy Institute (ASPI). He was formerly a Senior Analyst in ASPI's Cyber Policy Centre where he contributed to various projects including on offensive cyber capabilities; information operations; the Huawei debate in Australia; and, most recently, end-to-end encryption. Prior to ASPI, Tom worked on cyber-related issues in the Australian Department of Defence. Tom's formal training is as a scientist and he has a degree in Biochemistry and Molecular Biology.

Friday 13th May 2022

Talk 1: Open Source Cloud Management
This talk covers the details of an open source application for CSPM (Cloud Security Posture Management), and execution through all life-cycle phases for Cloud Estate. We will look at some of the templates developed, how to use them and how to develop your own.
Kieran Rimmer
Kieran is a co-founder and CTO of StackQL. You can find him on LinkedIn and the project on GitHub.
Talk 2: E-Voting - Fool me once, shame on you...
This talk will cover as much information about the security, and particularly cryptography, of electronic voting systems as time allows. It will start with a brief discussion of what the systems tend to look like and what security is typically expected. A few examples will be given of errors in real systems, concluding with a discussion of where the field goes from here.
Thomas Haines
Thomas is a lecturer at ANU who loves breaking and fixing e-voting systems. Thomas' work focuses on the security of cryptography in the wild and the applications of formal methods to cryptography.

Friday 8th April 2022

Talk 1: Intro to 3D Printing
There's never been a better time to get into 3D printing. This talk will cover:
  • a brief history of 3D printing from the 1940s to present day,
  • the three most common types of 3D printing currently available to hobbyists and what you can do with them,
  • why you should care about 3D printing, and
  • how to get started and what to expect in terms of budget and effort investments.
Cat
Cat is a software security engineer by day, who loves making and breaking things by night. Their hobbies include almost anything you can do with your hands.
Talk 2: Windows x64 Stack Walking - Same Same, but Different
This talk covers the differences between x86 and x64 stack walking on Windows – and the implications for security folks.
John Uhlmann
John is currently a security researcher at Elastic, and formerly at the ACSC.

Friday 11th March 2022

Talk 1: Abusing Public Infrastructure to BYO VirusTotal for Email
In this talk we'll discuss how public-facing email infrastructure can be abused to build a novel email evaluation capability that encompasses an array of targets and secure email gateway technologies. Building this capability has been greatly simplified through development of an open-source project called Phishious. We'll showcase how Phishious exploits a common misconfiguration to leak sensitive information from mail receivers, that ultimately provides the user with information on whether or not their phishing material would end up in the target's mailbox.
Sebastian Salla
Seb is a Security Professional who loves all things related to Cloud and Email Security. When not working his day job, he's frequently trying to find novel techniques that bypass email security controls.
Talk 2: Diamond in the SIEM - Improving the Building Blocks of Security Alert Monitoring
While Pat was taking an in-home holiday (thanks to the apocalypse), he decided to revolutionise the world of Security Information and Event Management (SIEM). Come along for a journey of discovery that traverses event collection, detection development, and user experience; that chronicles how you too can develop your own SIEM that brings a new dimension to computer security. This will not be a serious talk, but hey, you might enjoy it and learn something regardless!
PatH
Pat works as a Senior Security Researcher at a large international security organisation and has spoken at numerous international conferences such as BSides Canberra and DEFCON. This is not one of those talks.

Friday 11th February 2022

Talk 1: Immersive 3D for Network Traffic Analysis
This research covers the long, but so far ultimately unsuccessful, attempt to display computer network traffic in a 3D abstraction that can be more than just a gimmick for management fascination.
Daniel Clark
Daniel has been working in computer security within government since 1999 and is currently working on a part time PhD in cyber security. The software at the heart of this research, Scanmap3D, has been available open-source on Source Forge since 2003.
Talk 2: Exploiting Browsers
This talk takes a bug in a JS Engine and provides an example of the work required to develop it into a browser exploit.
Dr Silvio Cesare
Silvio is best known for his steak cooking and being Kylie's partner. He also wrote about some Linux ELF stuff in the 90s that is still referenced, has spoken at Blackhat a few times, has a PhD, worked in a few roles and likes to teach and share knowledge. Can you just google him? The next time he speaks at CSides he will get his abstract & bio to Kylie early so she doesn't have to write it for him. ;)

Friday 18th June 2021

Talk 1: eBPF - The coolest-newest kid in town
Extended Berkeley Packet Filter (eBPF) is quickly becoming the hottest-newest addition to the Linux Kernel.
With its ability to dynamically trace code execution and efficiently route packets, it is quickly becoming the major system to replace software-defined firewalls, routers, and system tracers, thanks to investment by cloud-native giants like Google and Netflix.
This talk will give an overview of eBPF, and how it can be used for everything from packet capturing, to malware analysis, bug hunting, and even malware. eBPF is becoming a must-know system for Linux developers and security specialists, so come along to learn what eBPF is, why I think it's so dope, and how to start making and using eBPF Programs and tools. Also it's coming to Windows (sorta)!
Pat
Pat is an awesome partner to his wife, a hilarious dad to his daughter, and a dedicated ball fetcher to his dog.
When he's not spending time doing those things, he's a senior security researcher at a public cybersecurity company. Having previously worked as a developer of mission-critical systems, he now helps threat hunters uncover and stop advanced actors across the globe.
Talk 2: Cybears Present: A Review of some 2021 BSides CTF Puzzles
The Cybears returned to BSides Canberra in 2021 to run the Capture the Flag competition. This talk will include run throughs of some of our favourite challenges, discussion on how we approach puzzle design and how new players can