Black Hat DC 2010 //briefings

Hyatt Regency Crystal City • Feb 2 - 3


Register Now //speaker bios


Chema Alonso

Chema Alonso is a Computer Engineer by the Rey Juan Carlos University and System Engineer by the Politecnica University of Madrid. He has been working as security consultant last six years and had been awarded as Microsoft Most Valuable Professional since 2005 to present time. He is a Microsoft frequent speaker in Security Conferences. He writes monthly in several Spanish Technical Magazines. He is currently working on his PhD thesis about Blind Techniques. Recently spoke in BH Europe 2008 about LDAP Injection & Blind LDAP Injection attacks, in Defcon 16 about Time-Based Blind SQL Injection using heavy Queries, in Toorcon X about RFD (Remote File Downloading) and in DeepSec 2k8 in Austria. Currently has been selected to be presenting in HackCon#4 in Norway and in SchmooCon 2k9 in Washington DC, BlackHat Europe 2k9 and Defcon 17.


Jorge Luis Alvarez Medina

CORE Security Technologies

Jorge Luis Alvarez Medina is a Computer Engineer experienced in hardware and software development and security assessment (network and web applications penetration testing) and development (turn-key access control systems, security tools and scripts). Currently working as Security Consultant for CORE Security Technologies.

Security advisories:

Internet Explorer Zone Elevation and Security Zone Restrictions Bypass

Internet Explorer Security Zone Restrictions Bypass

Specialties:

Security Consulting Services

  • network penetration testing
  • web applications penetration testing
  • source code audits
  • vulnerability research

Networking Services

  • network design and deployment
  • load balancing management
  • firewalls administration

Electronics and hardware/software interfaces

  • Micro-controlled devices design and building
  • RF control solutions
  • PC-controlled devices design and building

Software design and development


Colin Ames

Attack Research

Colin Ames Colin Ames is a security researcher with Attack Research LLC where he consults for both the private and public sectors. He's currently focused on Pen testing, Exploit Development, Reverse Engineering, and Malware Analysis.


Mike Bailey

Foreground Security

Mike Bailey is a Senior Security Researcher and penetration tester with Foreground Security. His exploits are many, but rarely discussed. Generally, that's the way he likes it. He has been described as "a good guy, with an evil mind."

He publishes his personal research and musings at Skeptikal.org


bannedit

David D. Rude II is a security engineer with Affiliated Computer Services Inc. (ACS Inc.) where he conducts penetration tests for governments and various business clients. Prior to working for ACS he worked for iDefense as a vulnerability analyst and researcher, verifying vulnerability research from various contributors from around the world.


Dionysus Blazakis

Dionysus Blazakis has been breaking software since 1994, playing with debug.com and Ralf Brown's Interrupt List. Somewhere along the way, he took a more respectable path and ended up as a software developer. He has been writing code for embedded devices for the last 8 years. When not securing satellite pay-per-view porn for his current employer, he spends his time decompiling SNES games, bug hunting, and automating other reversing and exploitation tasks. His relevant interests include compilers, operating systems, programming languages and interpreters.


Bill Blunden

Bill Blunden (MCSE, MCITP:Enterprise Administrator) began his journey into enterprise computing over ten years ago at an insurance company in Cleveland, Ohio. Gradually forging a westward path to Northern California, he’s worked with ERP middleware, developed code for network security appliances, and taken various detours through academia.

Bill has written a number of books including "Cube Farm," "Software Exorcism," "Offshoring IT," and "The Rootkit Arsenal." In addition, he has co-authored articles related to 9/11 that have appeared in academic publications like Peace and Conflict:Journal of Peace Psychology and Aggressive Behavior.

Bill has an undergraduate degree in physics from Cornell University and a Master of Science degree in operations research. His current areas of research deal with system-level software, anti-forensics, and information security. He's the principal investigator at Below Gotham Labs.


Elie Bursztein

Stanford University

Elie Bursztein is a post-doctoral researcher at the Stanford Computer Security Lab. He holds a PhD in computer science and an Engineering degree in computer systems, networks and security. His research focus is network and web security, game theory and artificial intelligence.


Ben Butler

GoDaddy

As the Director of Network Abuse for GoDaddy.com Ben Butler has, in this capacity, become an expert in dealing with all forms of network abuse. This includes spam, phishing, hacking, copyright violation, child exploitation issues, and the network security problems that often accompany such abuses. Mr. Butler comes from a strong technical background including several years as a network and email administrator at a Fortune 500 company. He also has extensive experience in customer service and satisfaction, coupled with experience in both business management and marketing.


David Byrne

Trustwave

David Byrne is a Senior Security Consultant within the Application Security practice at Trustwave's SpiderLabs. SpiderLabs is the advanced security team responsible for Penetration Testing, Application Security, and Incident Response for Trustwave's clients.

David has been involved with information security for a decade. Before Trustwave, he was the Security Architect at Dish Network. In 2008, he released Grendel (grendel-scan.com), an open source web application security scanner. David frequently presents at security events including DEFCON, Black Hat, Toorcon, SANS, and OWASP AppSec.


Chris

SecureDNA

Chris is a Security Consultant and Researcher with Secure DNA. Chris specializes in web based application development security. He has collaborated with some of the top security researchers and companies in the world and has performed static and dynamic security assessments for numerous companies and government agencies across the U.S. and Asia.


Paolo Milani Comparetti

International Secure Systems Lab, Technical University Vienna

Paolo Milani Comparetti is a post-doctoral researcher at the International Secure Systems lab, Technical University Vienna. The main focus of his research at the moment is (malicious) program analysis and reverse engineering. He is one of the people behind the Anubis malware analysis service.


Richard Cox

Spamhaus

Richard Cox joined Spamhaus in 2003 after working for a number of UK Telcos and ISPs in the "compliance" sector, and has been CIO of Spamhaus since May 2005.

Launched in 1998 to combat "conventional" spam, the SPAMHAUS PROJECT has had to expand its activities to deal with all the cybercriminal activities that are now needed to enable today's spammers to get past the many blocks put in place, and is today accepted as one of the world's foremost cybercrime investigating agencies.


Tom Cross

IBM X-Force

Tom Cross Tom Cross is the manager of IBM Internet Security System's X-Force Advanced Research team. Tom's team is engaged in a daily effort to identify, analyze, and mitigate computer security vulnerabilities. Tom has a six year history with ISS, during which he has served as a vulnerability researcher and software developer. He is credited with discovering a number of critical security vulnerabilities in enterprise class software and he also wrote one of the first academic papers suggesting the use of trust metrics in Wikipedia. Tom frequently speaks on computer security issues at conferences around the world. He holds a Bachelor's degree in Computer Engineering from Georgia Tech.


Egypt

Egypt has been a core developer for the Metasploit Project since April 2008 and a user of the framework since discovering its existence in 2004. Recently, egypt joined Rapid7 where he is now working on Metasploit full-time. He is also a member of Attack Research, a group of people dedicated to the in-depth understanding of computer based attacks.


Andrew Fried

Internet Systems Consortium

Andrew Fried currently a security researcher with Internet Systems Consortium (ISC), a nonprofit 501(c)(3) public benefit corporation dedicated to supporting the Internet community with software and professional services essential to its infrastructure. Mr. Fried is also the CEO of Deteque, a consulting and solutions provider for mitigating online threats.

In 2008, Mr. Fried retired from the United States Department of the Treasury, where he had been a Senior Special Agent for twenty years. Throughout his career with Treasury, he was involved in computer and network security.


Joe Grand

Grand Idea Studio

Joe Grand is an electrical engineer, hardware hacker, and president of Grand Idea Studio, Inc. (www.grandideastudio.com), where he specializes in the invention, design, and licensing of consumer products and modules for electronics hobbyists. He is a former member of the legendary hacker collective L0pht Heavy Industries and has spent over a decade finding security flaws in hardware devices and educating engineers on how to increase the security of their designs.


Vincenzo Iozzo

Zynamics GmbH

Vincenzo Iozzo is a student at the Politecnico di Milano where he does some research regarding malware and IDS. He is involved in a number of open source projects, including FreeBSD due to Google Summer of Code. He works as a reverse engineer for Zynamics GmbH.


Christian Kendi

Iron Software

Christian Kendi will soon graduate from the Technical University of Munich (TUM) and the Universidad Politécnica de Madrid (UPM). He has been working as a security consultant for 11 years and is currently CEO of Iron Software, an independent security consulting firm in Germany working in the field of (Kernel) exploitation, Linux/BSD Kernel Rootkits, ZFS, Signal Intelligence and Mac OS X reverse engineering.

Kendi was recently involved in investigating Satellite Radio Systems using Software-definied Radio (SDR) technology.


David Kerb

Attack Research

David Kerb has worked in the computer security arena for the past ten years. He has specialized in reverse engineering, malware research, and penetration testing. During the past ten years he has worked with various places including Offensive Computing, a Malware Research Company. He is currently helping found Attack Research which is set up to help understand the internals of attacks. Dave Kerb has focused on *nix systems and enjoys figuring out how to abuse various trust relations between *nix systems.


Mike Kershaw

Kismet & Aruba Networks

Mike Kershawis the author of Kismet and several articles on wireless security. Mike also works for Aruba Networks, where his full-time job is to break things and pick up the pieces.


David Litchfield

NGSSoftware

David Litchfield is the founder and chief research scientist of NGSSoftware Ltd., a UK-based security solutions provider. He has been recognized as the world's premier expert on Oracle database security, and is the designer of NGSSQuirreL, a powerful tool for identifying and assessing database vulnerability. David is a regular conference speaker and has lectured government agencies on security topics.


Moxie Marlinspike

Institute For Disruptive Studies

Moxie Marlinspike does research with the Institute For Disruptive Studies. He also holds a 50 Ton Master Mariner's license.


Joshua Marpet

DataDevastation

Joshua Marpet is an ex-cop from Louisiana, an ex-volunteer fireman from New Jersey. Joshua Marpet has had every Career he dreamed of in childhood, except astronaut. He finally figured out what he wanted to do when he grew up:a Physical-and Information-Security analyst. Working as a cop and for a video-surveillance-systems manufacturer taught Joshua how to use cameras, access control systems, locks, and his own senses to great advantage when designing, building, commissioning, and auditing Physical Security Systems. Leveraging those skills, Joshua managed to use his system administration and technical support skills, along with his project management experience, to break into the Information Security Arena.
He's been living in both worlds ever since.


Joseph Menn

Author of "Fatal System Error", Financial Times

Joseph Menn has reported on security and other technology issues for more than a decade at the Financial Times and the Los Angeles Times, mostly from his current base in San Francisco. He is a two-time finalist for the Loeb Award, the most prestigious in financial journalism, for coverage of Microsoft and the Hollywood writers’ strike. Earlier, he won a “Best in Business” award from the Society of American Business Editors and Writers for tobacco coverage at Bloomberg News, where as legal editor he directed stories that revealed the landmark settlement talks between the cigarette companies and the states. Menn’s third book, “Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet,” will be published in January 2010 by PublicAffairs Books in New York. His previous books include “All the Rave: The Rise and Fall of Shawn Fanning’s Napster,” the definitive 2003 work selected as a book-of-the-year finalist by the trade group Investigative Reporters & Editors Inc.


HD Moore

Metasploit & Rapid7

HD Moore is Chief Security Officer at Rapid7 and Chief Architect of Metasploit, the leading open-source penetration testing platform. HD founded the Metasploit Project in the summer of 2003 with the goal of becoming a public resource for exploit code research and development. Prior to joining Rapid7 and continuing his work on the Metasploit Framework, HD was the Director of Security Research at BreakingPoint Systems, where he focused on the content and security testing features of the BreakingPoint product line. Prior to BreakingPoint, HD spent seven years providing vulnerability assessments, leading penetration tests, and developing exploit code.


Leonardo Nve Egea

S21sec

Leonardo Nve is a senior security auditor at S21sec in Spain, involved in computer security since 1996, working as consultant and auditor from 2000, 2002 managed several research on various security technologies such as DOCSIS and Wireless, with various papers published in various Spanish specialized publications. Also managed the UnderCON,the first Spanish underground security congress, where he presented the first full-ASCII Shellcode in 2000, other talks were about wifi and phone companies security.


Deviant Ollam

Deviant Ollam: While paying the bills as a security auditor and penetration testing consultant, Deviant Ollam's first and strongest love has always been teaching. A member of the Board of Directors of the US division of TOOOL (The Open Organization of Lockpickers) Deviant runs the Lockpicking Village at DEFCON and ShmooCon every year and has conducted lockpick training sessions at Black Hat, ToorCon, HOPE, HackCon, ShakaCon, HackInTheBox, CanSecWest, ekoparty, DeepSec, and the United States Military Academy at West Point.


Jose Palazon

Jose Palazon: (palako) is globally responsible for mobile security at Yahoo!. With more than 9 years experience in security auditing, consulting and trainning for the public, private and academic sectors, his areas of expertise include mobile, web security, unix systems security and digital forensics. Frequent international speaker, he has presented, among others, at DEFCON (Las Vegas), Shmoocon (Washington) and FOWA (London), as well as published vulnerabilities in key sites such as securityfocus.com


Nicholas J. Percoco

Trustwave: SpiderLabs

Nicholas J. Percoco is Senior Vice President of SpiderLabs at Trustwave. He has more than 14 years of information security experience. In his role at Trustwave, he leads SpiderLabs, the team that has performed more than 500 computer incident response and forensic investigations globally, as well as thousands of penetration and application security tests for clients. Nicholas acts as the lead security adviser to many of Trustwave’s premier clients by assisting them in making strategic decisions around various security compliance regimes. As a speaker, he has provided unique insight around security breaches and trends to public (YSTS, DEFCON, SecTor, etc.) and private audiences throughout North America, South America, Europe, and Asia. Prior to Trustwave, Nicholas ran security consulting practices at both VeriSign and Internet Security Systems. Nicholas hold a Bachelor of Science in Computer Science from Illinois State University.


Jean-Michel Picod

EADS Defence & Security

Jean-Michel Picod is currently working for EADS Defence & Security and has an engineering degree in computer systems, networks and security. Over the past years he has been more focused on windows systems and their security.


Shane Powell

Raytheon

Shane Powell is the Principle Systems Security Engineer, Raytheon – Network Centric Systems.

As an Information Systems Security Engineer Mr. Powell specializes in detailed vulnerability assessment and post intrusion analysis, focusing on engineering vulnerability remediation solutions within enterprise systems. His experience includes intelligence (S-2) and operations (S-3, J-9) support to Battalion, Brigade, and Joint military organizations, including the Joint Task Force for Global Network Operations (JTF-GNO).

Mr. Powell’s most recent projects for Raytheon include:

  • Design of integrated COTS solutions and methodologies for software based network security modeling and simulation, in support of Raytheon’s Cyber Tactics Center (RCTC). Special focus on the methodologies developed address the use of attack vector analysis to pinpoint vulnerable systems within a network based on exposure, and to facilitate effects prediction for Continuity of Operations Planning (COOP).
  • Design and implementation of a converged, location aware physical and logical access control system for an international customer that consolidates multiple user credentials into a single set, consisting of a smart card and fingerprint biometric.

Previous projects designed for the Joint Task Force for Global Network Operations (JTF-GNO) include:

  • Development of host based forensics methodologies and task-flow management processes.
  • Design of a distributed analysis network to provide shared virtualization of suspect media for black box testing by forensics and malicious code reverse engineering teams.

Mr. Powell holds a B.S. in Computer Science and Information Systems, A.A.S. in Arabic, and is currently working to complete a Masters in Information Systems with concentration in Information Security. His Professional certifications include CISSP-ISSEP, MCSE, and R6S.


Jason Ross

BT Ethical Hacking Center of Excellence

Jason Ross has been performing application, host, and network based attack and penetration testing for 6 years, and has more than 10 years experience hardening systems and IP networks. For the past 4 years he has been an active member in several vetted security groups which research malware and work to contain emerging internet threats. In his spare time, he runs the Rochester DefCon Group, DC585.


Nicolas Seriot

University of Applied Sciences Western Switzerland (HES-SO/HEIG-VD)

Nicolas Seriot has been an enthusiastic Mac user since 1986. He recently worked as a software engineer at Sen:te, Lausanne, Switzerland, where he created Cocoa applications, taught iPhone classes, wrote set-top-box embedded applications and custom web applications. He also developed several open-source applications for iPhone developers in his spare time.

In December 2009, having mastered the ins and outs of iPhone programming, Nicolas Seriot presented a program called SpyPhone in an iPhone dev user group meeting in Geneva, Switzerland. The presentation challenged Apple's claims on non-jailbroken iPhones security, and was received with great interest after being reported in Slashdot and The Register.

Nicolas Seriot holds a Swiss HES degree in software engineering and a Master’s degree in Economic Crime Investigation from ILCE, Neuchâtel, Switzerland.

In August 2009, Seriot accepted a new position as a datamining R&D engineer and teaching assistant at the University of Applied Sciences Western Switzerland (HES-SO/HEIG-VD)


Val Smith

Attack Research

Val Smith has been involved in the computer security community and industry for over ten years. He currently works as a professional security researcher on a variety of problems in the security community. He specializes in penetration testing (over 40,000 machines assessed), reverse engineering and malware research. He works on the Metasploit Project development team as well as other vulnerability development efforts. Most recently Valsmith founded Attack Research which is devoted to deep understanding of the mechanics of computer attack. Previously Val Smith founded Offensive Computing, a public, open source malware research project.


Kevin Stevens

SecureWorks

Kevin StevensKevin Stevens is a Threat Intelligence Analyst with the SecureWorks Counter Threat Unit. He has four years of experience in the security field and almost 10 years of experience in IT. Kevin has worked for such companies as Data General, EMC, and CNN. His main areas of expertise include packet analysis, malware analysis, vulnerability research, and intelligence gathering. Kevin has also been involved in incident response engagements to help mitigate the threat of malware, and assess what information was exfiltrated during a cyber attack. He is a member of the CYBER WARFARE Forum Initiative (CWFI), Cyber Intelligence Network, NSA Information Assurance Network, and the Digital Forensics Association (DFA). Kevin has earned a GIAC Certified Intrusion Analyst (GCIA) certification and a BS in Information Security Systems from ITT graduating with highest honors. He has also been a member of InfraGard since 2006.


Matthieu Suiche

Matthieu Suiche is security researcher who focus on reverse code engineering and volatile memory forensics. Matthieu actually works for the Netherlands Forensic Institute in The Hague, he also had been speaker in various security conferences such as PacSec, BlackHat USA, EUROPOL High Tech Crime Meeting, Shakacon etc. His previous researches include Windows physical memory forensics (Windows hibernation file, Windd utility to acquire physical memory either as a raw dump or as a Microsoft crash dump file).

He is reachable through his website at www.msuiche.net


Rohini Sulatycki

Trustwave

Rohini Sulatycki is a Security Consultant within the Application Security practice at Trustwave's SpiderLabs. SpiderLabs is the advanced security team responsible for Penetration Testing, Application Security, and Incident Response testing for Trustwave's clients.

Rohini has been involved in the Information Technology industry for more than 13 years. Rohini specializes in application security testing and code review conducting a large number of application tests in her capacity at Trustwave. Rohini has been a technical reviewer for several books and publications including Java Security and IEEE Security and Privacy.


Bryan Sullivan

Microsoft

Bryan Sullivan is a Security Program Manager on the Security Development Lifecycle (SDL) team at Microsoft. He is a frequent speaker at industry events, including Black Hat, BlueHat, and RSA Conference. Bryan is also a published author on web application security topics. His first book, "Ajax Security" was published by Addison-Wesley in 2007.


Christopher Tarnovsky

Flylogic Engineering, LLC

From start to finish, we will walk through how a current generation smartcard was successfully compromised. The talk will discuss everything that was required in the order the events took place. We will cram several months into an hour! PS- The talk will be very technical mixed hardware and software (60% hardware, 40% software).

Christopher Tarnovsky runs Flylogic Engineering, LLC and specializes in analysis of semiconductors from a security "how strong is it really" standpoint. Flylogic offers detailed reports on substrate attacks which define if a problem exists. If a problem is identified, we explain in a detailed report all aspects of how the attack was done, level of complexity and so on. This is something we believe is unique and allows the customer to then go back to the chip vendor armed with the knowledge to make them make it better (or possibly use a different part).


Qing Wang

Symantec

Qing Wang is a security engineer from Product Security team in Symantec. The daily work of this team includes identifying and responding reported vulnerability, penetration testing and security coding/testing training inside of Symantec. Chine has years experience on penetration test, vulnerability investigation, reverse engineering and some other security area. Qing published a security book "0 Day Security: Vulnerability analysis and exploit technology" in China. The book won "2008 Top 10 IT original book" award and "The second best seller of security computer classification 2008" award by ChinaPub which is one of the biggest on-line book stores in China

http://www.china-pub.com/STATIC07/0811/jsj_itbang_081126.asp


Stefano Zanero

Politecnico di Milano

Stefano Zanero received a Ph.D. degree in Computer Engineering from the Politecnico of Milano technical university, where he is an Assistant Professor. His current research interests include the development of Intrusion Detection Systems based on unsupervised learning algorithms, security of web applications and computer virology. He has been a speaker at international scientific and technical conferences, and he is the author and co-author of books and articles published in international, peer reviewed journals and conferences. He is a member of the board of the "Journal in Computer Virology", and acts as a reviewer for the "ACM Computing Reviews" and "IEEE Security & Privacy," as well as various primary international conferences. He is a member of the IEEE (Institute of Electrical and Electronics Engineers), the ACM (Association for Computing Machinery), and a founding member of the Italian Chapter of ISSA (Information Systems Security Association), for which he sits in the International Board of Directors. He has also been a columnist for Computer World Italy, and has been awarded a journalism award in 2003. Since 2004 he is a partner and CTO of Secure Network, a firm specializing in information security training and consulting, based in Milan.