CSides Monthly Security Meetups
CSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting occurs normally on the 2nd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.
New attendees are welcome, just come along! (There are no entry fees, and no tickets to book)
The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.
You are very welcome to propose running activites other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!
- Canberra Rex Hotel
150 Northbourne Ave
Braddon ACT 2612
- Swan & King Bar
Canberra Rex Hotel
- Kylie McDevitt
- Get ready for BSidesCbr 2023
Friday 12th August 2022
Talk 1: Pointer Authentication on the M1
This talk will discuss an exploit mitigation technique in modern ARM processors called Pointer Authentication or PAC. We'll discuss some experiments and conjectures on how Apple has implemented PAC on their M1 chips.
Cipher is an avid CTF player for the Cybears CTF team. Every CTF he says he will learn more about reverse engineering and vulnerability research, before solely focusing on cryptography challenges. Cipher has also helped run the BSides CBR CTF for the last two events.
Talk 2: GetInjectedThreadEx - improved heuristics for suspicious thread creations
Since its debut in 2017, Get-InjectedThread.ps1 has been a blue team staple for identifying suspicious threads via their start addresses. However, red teams have subsequently identified low-cost evasion techniques to counteract this - obfuscating their shellcode threads with start addresses within legitimate modules.
This talk will outline the memory artifacts that each evasion leaves behind and the development of an updated script which may be used to detect them.
John (he/him) is a Security Research Engineer at Elastic, where he focuses on scalable Windows in-memory malware detection. Prior to this he did similar work at the Australian Cyber Security Centre.
Friday 8th July 2022
Talk 1: How Can We Effectively Test Transient Execution Mitigations
Since the bombshell of Spectre and Meltdown dropped on the public in January
2018, there's been a steady trickle of new transient execution vulnerabilities
over the years - with the recent BHI/Spectre-BHB (CVE-2022-0001 &
CVE-2022-0002) as a timely reminder that this exploit class is the gift that
Hardware mitigations have been introduced with new CPU generations, but plenty
of mitigations still exist in software, typically flushing various bits of
state when switching between privilege boundaries. In the ongoing conflict
between security and performance, how can we reliably know that out mitigations
are working? We can write tests, but mitigation testing is tricky. Exploits
that abuse microarchitectural details are inherently finicky, so making a
functional test that you can run everywhere isn't easy. You can instead only
test if a mitigation is correctly applied, but that doesn't tell you if it
actually works against an attack.
In this talk, Russell will discuss pros and cons of different testing methods,
detail what's currently being used by the community, and look at how we could
potentially do better in the future.
Russell Currey is a software engineer at IBM, leading the kernel hardening
effort for Linux on POWER Systems. Russell primarily works on kernel memory
protection features and automated testing of vulnerability mitigations. He also
runs the public continuous integration services for Linux on POWER upstream
development, and is a regular speaker at linux.conf.au.
Talk 2: Beautiful Snowflakes - Fingerprinting shared libraries for speedy offset hunting
Every time I write an exploit in pwntools, I'm kind of disappointed by how long
it can take to leak enough information about a remote program to discover the
offsets I need for ret2* or ROP gadgets. Given an address leak and some
arbitrary read construction for a target ELF, the usual process for finding and
identifying shared libraries in memory can require a significant number of
reads. For remote exploitation or complex/fragile reads, this can impact on
both speed and stability.
In the era of BIG DATA, it seems like we should be able to do better.
This talk covers an adventure in corpus building; fingerprinting approaches;
and leveraging those to more effectively identify libraries loaded on a remote
target with fewer reads than traditional approaches.
Matt B (maybe)
Matt is your host for the evening and somehow snuck his name onto the speaker
list. Someone stop this man! During the work week, he is a security researcher
with InfoSect, and on the side he tries to find time to build/play CTF with
Cybears, skateboarding bears, and now skateboarding roombear (this is getting
weird). Also talk to him about rhythm games :sunglasses-emoji:
Friday 10th June 2022
Talk 1: Strike Force Weenamana
A case study from the digital forensics team leader attached to a joint New
South Wales Police and Australian Federal Policy strike force investigating
firearms trafficking on the dark net.
Simon is a red team cyber security expert with experience in National
Intelligence, the Military, and Law Enforcement. He holds a master of Cyber
Security (Advanced Tradecraft) with Excellent from UNSW ADFA. He is an OSCP,
eCPPT, GSLC, GSNA and IRAP assessor #1308. As a former NSW Police office, Simon
has worked in counter-terrorism and special tactics, investigations and digital
Talk 2: Evolution of State-based Offensive Cyber Operations
This talk examines the use of offensive cyber operations (those which manipulate, deny, degrade or destroy) by looking at how the activities of various states and their tactics in the space have evolved over time. It will include a first look at how Russian forces have used cyber operations during the 2022 invasion of Ukraine.
Tom writes the Seriously Risky Business policy-focussed cyber security newsletter ( https://srslyriskybiz.substack.com/
) and is a Senior Fellow at the Australian Strategic Policy Institute (ASPI). He was formerly a Senior Analyst in ASPI's Cyber Policy Centre where he contributed to various projects including on offensive cyber capabilities; information operations; the Huawei debate in Australia; and, most recently, end-to-end encryption. Prior to ASPI, Tom worked on cyber-related issues in the Australian Department of Defence. Tom's formal training is as a scientist and he has a degree in Biochemistry and Molecular Biology.
Friday 13th May 2022
Talk 1: Open Source Cloud Management
This talk covers the details of an open source application for CSPM (Cloud
Security Posture Management), and execution through all life-cycle phases for
Cloud Estate. We will look at some of the templates developed, how to use them
and how to develop your own.
Kieran is a co-founder and CTO of StackQL
You can find him on LinkedIn
and the project on GitHub
Talk 2: E-Voting - Fool me once, shame on you...
This talk will cover as much information about the security, and particularly
cryptography, of electronic voting systems as time allows. It will start with a
brief discussion of what the systems tend to look like and what security is
typically expected. A few examples will be given of errors in real systems,
concluding with a discussion of where the field goes from here.
Thomas is a lecturer at ANU who loves breaking and fixing e-voting systems.
Thomas' work focuses on the security of cryptography in the wild and the
applications of formal methods to cryptography.
Friday 8th April 2022
Talk 1: Intro to 3D Printing
There's never been a better time to get into 3D printing. This talk will cover:
- a brief history of 3D printing from the 1940s to present day,
- the three most common types of 3D printing currently available to hobbyists
and what you can do with them,
- why you should care about 3D printing, and
- how to get started and what to expect in terms of budget and effort
Cat is a software security engineer by day, who loves making and breaking
things by night. Their hobbies include almost anything you can do with your
Talk 2: Windows x64 Stack Walking - Same Same, but Different
This talk covers the differences between x86 and x64 stack walking on Windows
– and the implications for security folks.
John is currently a security researcher at Elastic, and formerly at the ACSC.
Friday 11th March 2022
Talk 1: Abusing Public Infrastructure to BYO VirusTotal for Email
In this talk we'll discuss how public-facing email infrastructure can be abused to build a novel email evaluation
capability that encompasses an array of targets and secure email gateway technologies. Building this capability has
been greatly simplified through development of an open-source project called Phishious. We'll showcase how Phishious
exploits a common misconfiguration to leak sensitive information from mail receivers, that ultimately provides the user
with information on whether or not their phishing material would end up in the target's mailbox.
Seb is a Security Professional who loves all things related to Cloud and Email Security. When not working his day job,
he's frequently trying to find novel techniques that bypass email security controls.
Talk 2: Diamond in the SIEM - Improving the Building Blocks of Security Alert Monitoring
While Pat was taking an in-home holiday (thanks to the apocalypse), he decided to revolutionise the world of Security
Information and Event Management (SIEM). Come along for a journey of discovery that traverses event collection,
detection development, and user experience; that chronicles how you too can develop your own SIEM that brings a new
dimension to computer security.
This will not be a serious talk, but hey, you might enjoy it and learn something regardless!
Pat works as a Senior Security Researcher at a large international security organisation and has spoken at numerous
international conferences such as BSides Canberra and DEFCON. This is not one of those talks.
Friday 11th February 2022
Talk 1: Immersive 3D for Network Traffic Analysis
This research covers the long, but ultimately un-successful so far, attempt to display computer network traffic in a 3D
abstraction that can be more than just a gimmick for management fascination.
Daniel has been working in computer security within government since 1999 and is currently working on a part time PhD
in cyber security. The software at the heart of this research, Scanmap3D, has been available open-source on Source
Forge since 2003.
Talk 2: Exploiting Browsers
This talk takes a bug in a JS Engine and provides an example of the work required to develop it into a browser exploit.
Dr Silvio Cesare
Silvio is best known for his steak cooking and being Kylie's partner. He also wrote about some linux elf stuff in the
90s that is still referenced, has spoke at Blackhat a few times, has a PhD, worked in a few roles and likes to teach
and share knowledge. Can you just google him? The next time he speaks at CSides he will get his abstract & bio to
Kylie early so she doesn't have to write it for him. ;)
Friday 18th June 2021
Talk 1: eBPF - The coolest-newest kid in town
extended Berkeley Packet Filters (eBPF) is quickly becoming the hottest-newest addition to the Linux Kernel.
With its ability to dynamically trace code execution and efficiently route packets, it is quickly becoming the major system to replace software-defined firewalls, routers, and system tracers, thanks to investment by cloud-native giants like Google and Netflix.
This talk will give an overview of eBPF, and how it can be used for everything from packet capturing, to malware analysis, bug hunting, and even malware. eBPF is becoming a must-know system for Linux developers and security specialists, so come along to learn what eBPF is, why I think it's so dope, and how to start making and using eBPF Programs and tools. Also it's coming to Windows (sorta)!
Pat is an awesome partner to his wife, a hilarious dad to his daughter, and a dedicated ball fetcher to his dog.
When he's not spending time doing those things, he's a senior security researcher at a public cybersecurity company.
Having previously worked as a developer of mission-critical systems, he now helps threat hunters uncover and stop advanced actors across the globe.
Talk 2: Cybears Present: A Review of some 2021 BSides CTF Puzzles
The Cybears returned to BSides Canberra in 2021 to run the Capture the Flag
competition. This talk will include run throughs of some of our favourite
challenges, discussion on how we approach puzzle design and how new players can