COMMUNITY SPOTLIGHT: BSides NYC & Hex90: Replay Party (April 22nd) + Wikimedia NYC Wiknic (April 23rd)
While you are waiting for upcoming DCG 201 updates, we want to highlight three amazing hacker AF activities this April weekend that you don’t want to miss! Check it out:
Date: Saturday: April 22nd
Time: 8:00 AM EST — 6:30 PM EST
BSides NYC is an Information / Security conference that’s different. They’re a 100% volunteer organized event put on by and for the community and they truly strive to keep information free.
It’s been a long time since BSides NYC has resurfaced from hiatus but we are glad they’re back. If you’ve never been to a BSides and only recognize it from the more famous BSides LV, BSides NYC is a great and affordable treat for New Jersey residents (and of course New Yorkers) that is easy to get to via Port Authority, NJ Transit, NJ Bus, PATH and MTA Transportation!
BSides NYC Map
BSides NYC Villages
Villages are open spaces divided up by topic that host hands-on activities, demos, and workshops throughout the conference. They are generally less formal than the standard tracks and offer an alternative learning environment from the straight talk/lecture structure. They’re also a great place to socialize and make contacts in the community!
BSides NYC Workshops
Building the Foundations of a Cyber Threat Intelligence Program (2 hour session)
Time: 10:00 AM — 12:00 NOON
This workshop is designed to provide participants with a comprehensive understanding of the process and best practices for building a robust Cyber Threat Intelligence (CTI) program. The workshop will cover various aspects of threat intelligence including data collection, analysis, and dissemination. Participants will learn about the importance of threat intelligence in the current threat landscape, and how to establish an effective program that can help mitigate risks and prevent attacks.
Through interactive discussions and case studies, participants will gain insights into the tools and techniques required for collecting, analyzing, and reporting on threat intelligence. The workshop is ideal for security professionals, threat analysts, and anyone responsible for managing security risks. Participants will come away with a solid understanding of the key components of a successful threat intelligence program, and how to implement them in their own organizations.
Ransomware From ATT&CK to Zcash: An Interactive Simulation (2 hour session)
Time: 2:00 PM — 4:00 PM
Are you ready to take on one of the most formidable cybersecurity challenges of our time? Ransomware has emerged as a massive threat, stretching organizational defenses across Cybersecurity, IT, Legal, Finance, and even daily workplace interactions.
Don't miss this interactive tabletop-style simulation at BSides NYC 2023! Dive into a realistic ransomware scenario and collaborate with fellow participants to determine the most effective actions.
Top Reasons to Attend:
Real-World Experience: Gain firsthand exposure to critical decision-making during a ransomware incident and acquire practical tabletop experience to strengthen your organization's defenses.
In-Depth Education: Deepen your understanding of ransomware and learn about the tactics employed by attackers to maximize their profits.
Unparalleled Networking: Engage with industry peers in a dynamic, problem-solving environment and potentially discover your next career opportunity.
Hands-On Interaction: You're not just an observer; you're an active participant influencing the outcome of the simulation.
Who Should Attend?
An Inclusive Session for All: This engaging workshop is designed to accommodate professionals across various backgrounds and experience levels, including those in incident response, threat and vulnerability management, training and awareness, privacy, legal, data analysis, and communications, as well as students.
Don't miss this chance to sharpen your skills and expand your network. See you at BSides NYC 2023!
Backdoors & Breaches (2 hour session)
Time: 4:00 PM — 6:00 PM
You will learn how to play Backdoors & Breaches from Black Hills Information Security. The workshop trainers have been trained by BHIS.
DCG 201 TALK HIGHLIGHTS FOR BSides NYC (EST)
This is the section where we have combed through the entire list of talks on both days and list our highlights for the talks that stand out to us. Note that this does not invalidate any talks we didn’t list, in fact, we highly recommend you take a look at the full convention schedule beforehand and make up your own talk highlight lists. These are just the talks that for us had something stand out, either by being informative, unique or bizarre. (Sometimes, all three!)
Time: 9:20 AM
Lance James CEO, Unit 2221b
Lance James is a highly experienced information security specialist with over 25 years in the field. He has a programming, network security, digital forensics, malware research, cryptography, counterintelligence, and executive leadership background. He provides advisory services to government agencies and Fortune 500 companies and is known for his contributions to the evolution of security practices and counterintelligence tactics. James has written for several industry publications and is a sought-after keynote speaker globally. He has been featured on MSNBC and an episode of "Mr. Robot" and delivered a TED Talk on "How Attackers Can Use Your Brain Against You in Psy-Ops."
Hunting for RomCom RAT inside of the context of the war in Ukraine
Time: 10:00 AM
A few hours before the Ukraine war officially began, apparently, a Russian-sponsored wiper campaign occurred. During the following weeks and months, we saw several operations and weapons used against Ukraine. One of them is the RomCom RAT. The threat actor behind it used different initial access schemes to compromise the Ukrainian military and governmental entities. In our presentation, we will describe how we hunted it each time the threat actor changed its network infrastructure and how the RomCom RAT works inside the TO (theater of operations).
The Rise and Fall of the Trickbot and Conti Empires
Time: 10:00 AM
In a post-mortem analysis of Trickbot/Conti gangs, I'll detail our unique view into their operations, methods, and lives. Real time access to Conti Leaks was just one of many tools in our arsenal. Our work and unique vantage point has prevented a significant portion of the gang’s crimes. This story is about our journey, process, and insights into one of the most notorious cybergangs of our time.
Hunting Threat Actors using OSINT Forensics
Time: 11:00 AM
Little attention is given to tracking the perpetrators of cyber-attacks in the world of forensics. Using real world examples, I will present some OSINT methods to trace the location and identity of threat actors, including revealing deleted parts of screenshots/PDFs, discerning fake accounts, finding suspicious VPN addresses, uncovering identities from pseudonyms; using account leaks, search engine analytics, maps, social media, images and more. I will also present the results of my original research of thousands of leaked accounts, into identifying gender, age and predicted passwords in use, which can assist in threat actor identification.
The FBI Citizen's Academy: Outreach Experience
Time: 11:00 AM
I will walk participants through what it's like to apply for and then be selected to participate in the FBI Citizen's Academy, from my vantage as a participant and a graduate of the Class of 2022. I'll then outline the FBI's involvement with: FATS (firearms training, both virtual and field-based), the InfraGard, our regional forensics computer crime lab, human trafficking, drug cases, murder, kidnapping, international and domestic terrorism, hate crimes, bomb threats, gangs, public corruption, white collar crimes, weapons of mass destruction, radicalization, counterterrorism and counterintelligence. I'll conclude with a Q&A session. I'm hopeful that this will dispel some myths about the FBI in who they are and what they do, and provide an additional outreach point of contact for anyone who would wish to get involved.
Analyzing volatile memory on a Google Kubernetes Engine node
Time: 12:00 NOON
My talk focuses on how we can access and analyze volatile memory in the kernel on a Google Kubernetes Engine (GKE) node using AVML. The purpose of this is to collect a memory snapshot to get granular information about running processes and activities on the GKE node as well as pods and containers running on that node. By using the memory snapshot we can troubleshoot current node activities or use it to collect additional information as part of a security investigation. I will also cover how this method is applicable to other cloud instances running Linux distributions that are supported by AVML.
Modern Day Automobile Safety: Rescue Ops using CanBus
Time: 12:00 NOON
CanBus has shifted the entire automotive industry into a communication-centric operation. Yet, firefighters and rescue personnel are still using the same physical techniques for rescue. Why can vehicles not support "FF mode" like elevators and other large systems?
Hacking Serverless Applications: A Treasure Map for Uncharted Waters
Time: 2:00 PM
Serverless technology eliminates the need for development teams to provision servers, passing the responsibility for some security threats to the cloud provider and freeing-up developers to concentrate on building logic and producing value quickly. But even without servers, serverless functions still execute code, which can lead to a cloud disaster, if not done right.
In this talk, we will discuss common risks and challenges in serverless environments. I will introduce techniques used by attackers to exploit Serverless apps in unconventional ways. I will also demonstrate exploits of recently discovered CVE, targeting cloud functions.
BTC as an IOC: Using Blockchain for Attribution
Time: 2:00 PM
Incident attribution is riddled with controversy and folly for even the most seasoned analysts. Leaked code, commodity malware, and the rapid rebranding of ransomware strains have further complicated the task. Blockchain intelligence can help visualize the underground ecosystem and attack kill chain, lending to unique financial footprints of specific threat actors or groups – not to mention where scammed, extorted, or stolen funds go. This talk covers examples of how blockchain forensics can unmask ransomware rebrands and threat actors leveraging multiple monikers and crimes.
The Dark Side of ChatGPT: Balancing Innovation and Security in the Age of Generative AI
Time: 3:00 PM
ChatGPT is here to stay. With the increasing reliance on Artificial Intelligence everywhere, it is crucial to consider the security and privacy implications of generative AI.
The talk will cover potential misuse of AI: spreading false information, abusing its capabilities to assist with security attacks such as phishing or malware, and the difficulties in detecting and mitigating malicious input and output.
The goal of this talk is to increase awareness and understanding of the security challenges with generative AIs. And to encourage efforts to ensure the safe and secure use of these powerful tools. Yes, tools.
Beyond the Buzz: SBOMs, AI, and DataOps for Organizational Resilience in a Post-Log4j World
Time: 4:00 PM
Supply chain compromises and ransomware attacks have presented new sources of cyber risk which are magnified in the context of the ubiquity of data and automation. However, with new threats come new technologies and concepts; software bills of materials (SBOMs) and AI/ML enabled operations have become increasingly popular as potential countermeasures for the evolving threat landscape. We'll spend part of this talk discussing SBOMs and AI/ML tools for cybersecurity workflows (including cautionary tales), and wrap up with a discussion of the soft underbelly of all emergent tools and strategies: validation, verification, and effective prescriptive data science and operations.
A few tricks to Anonymizing your Red Team
Time: 5:00 PM
Adding onto my 2019 DerbyCon talk about using pre-paid cards to gain hosting infrastructure, this talk will detail a few other ways to anonymize Red Team activities, such as self-destroying drop boxes to hinder IR; OPSEC notes about using infrastructure with Tor access; highlighting trackers to avoid when cloning a site and ways to avoid brand monitoring; ways to build better concealment for drop boxes; OPSEC concealment with infrastructure, TLS and LTE service. I will also review what no longer works from my 2019 talk as related to anonymous accounts.
A Chess Tournament: China/Russia Underground Ecosystem Comparison
Time: 5:00 PM
Both Chinese and Russian-speaking actors continue to pose threats to organizations globally. It is critical for cybersecurity specialists to be prepared against these threat actors by understanding underground ecosystems and seeing how they evolve through a clear lens. The case studies covered in this presentation will shed light on the connections between geopolitical events and underground activities. Information and data analysis included in this presentation will help cybersecurity specialists and network defenders predict future trends and protect their organizations against threats originating from both China and Russia.
Looking for a hacker after-party for BSides NYC? Keep Scrolling…
Date: Saturday: April 22nd
Time: 8:00 PM EST — 4:00 AM EST
Hex 90 CTF: https://hex90.party
HEX90 — a queer hacker salon in NYC
Queer hackers of the world, unite! There's a war going on. The battlefield is in the mind. And the prize is the soul. Remember, hacking isn't just a crime. It's a survival trait.
Hacking is not merely about breaking in; it's also about breaking out. You are the embodiment of escape velocity, from megahertz to gigahertz, each of us individual components in a system that cannot keep up with its constituents. You may feel suffocated by it, trapped in its loops, history repeating itself in the closed minds of politicians, pundits, "thought leaders," or billionaires who kennel you within rings of "protection." But you are different: you have already seen what comes next.
To move forward, we sometimes must replay pieces of the past. This time, though, we are armed with the experience of a freer future. We have learned their secrets and shared them widely. We can speak their words back to them and claim the power they thought was theirs alone. We are the future they fear because we are already here, and they are the past.
They want to undo us. We will replay them, and win—again.
April 22, 2023 @ Wonderville
1186 Broadway, Brooklyn, NY 11221
8:00pm — 4:00am
~ this venue is accessible
~ this venue has gender-neutral restrooms
~ this venue has outdoor space
~ this venue permits entry only to those aged 21+
# dressing up is encouraged but not required
~ music performances by
~~ Nina Vicious
~~ trans kafka
~~ heaven ender
~~ Rana Ransom
~ livecoded visuals by
~ live analog visuals by
~~ Mike Videopunk
~ indie games by Death By Audio Arcade
~ hacking demos & education by Tech Learning Collective
~ text adventure cybersecurity game by Shift-CTRL Space
DANCE AT THE STAGE, AND BRING YOUR LAPTOP SO YOU CAN HACK AT THE BAR!
In addition to music and visuals, the most unique addition of the Hex90 parties is a hyperlocal cybersecurity (hacking) themed text-adventure game that gave the party its name: Hex90. This game is played on your own laptop, not on a console or arcade cabinet at the venue, but is still only accessible when you are physically at the party venue itself. (Aside from a short "trailer," the game is not available on the public Internet.)
After you connect to the party's Wi-Fi network, you can then connect to the Hex90 game server using your Web browser. But to solve the challenges, you must download and install real hacker tools and learn how to employ real hacking techniques to progress through game levels ranging from network reconnaissance and applied cryptography to Web exploitation. You've never seen so many queers open so many terminals in one place while being so close to a dance floor, and there's no high quite like it.
We continuously add levels to the game, so expect new challenges at most parties. Moreover, we sometimes incorporate physical-world features of the venue, like padlocks you need to pick that are safeguarding access to secret passwords, QR codes stashed in unexpected places, unassuming but exposed Ethernet cabling that turns out not to be a mistake at all, and so on. At Hex90, the game controller is your computer and the game mechanic is the real world.
All of the tools, techniques, and procedures (TTPs) used to progress in the game levels are skills taught by and equipment used by Tech Learning Collective instructors in our online workshops. Visit TechLearningCollective.com for more information and to enroll.
# START HACKING AT #
# BUY TICKETS HERE #
$30 - pay if you can
$15.00 - str8 cismen
$10.00 - queers/transes/enbies and femmes
DAY-OF/AT THE DOOR:
$20.00 - str8 cismen
$15.00 - queers/transes/enbies and femmes
* Hex90 is an inclusive event.
* Door staff is instructed to respect your self-identification.
This is an intentionally queer space. Consent and respect are not optional! Anyone behaving unkindly will be removed immediately without a refund. No amount of racism, queerphobia, transphobia, or sexism will be tolerated. This event is a celebration of queer hacking for queer hackers, not for Silicon Valley entrepreneurs, brogrammers, or BitCoin bros. Don't piss off the hackers. ;)
Wikimedia NYC Earth Day Wiknic
Date: Sunday: April 23rd
Time: 12:00 NOON EST — 5:00 PM EST
All attendees are subject to Wikimedia NYC’s Code of Conduct. In addition, to participate in person you should be vaccinated and also be sure to respect others’ personal space, and we may limit overall attendance size if appropriate.
How To Get There
Wikipedia:Meetup/NYC/Earth Day Wiknic - Wikipedia
The Earth Day Wiknic NYC is a planned wiki-picnic in Brooklyn's Prospect Park on…
From Prospect Park station (BMT lines), go outside at the southern Lincoln Road exit, and come into the park at the Lincoln Road entrance, then walk southward along the path inside until you see the pavilion (40.65934°N 73.96414°W).