Category: Announcement

RVAsec 2015 CFP is now open!

January 3, 2015
AnnouncementConference

The call for papers for RVAsec 4 is now open!

Click here to submit a talk to the CFP now!

 

Conference: June 4-5th, 2015

Location: Richmond, VA

CFP Submission Deadline: March 14th, 2015 at 11:59 PM Eastern

RVAsec is a Richmond, VA based security convention that brings top industry speakers to the midatlantic region. In its third year, RVAsec 2014 attracted 350 security professionals from across the country. For 2015, the conference is a two day and dual-track format, with a mixed focus on technical and management/business presentations.

All talks must be 55 minutes in length, and submissions will need to select either technical or business/management tracks.

Join us and enjoy the perks!

For more information and requirements, or to submit, please visit:

http://rvasec.com/2015-cfp/

If you are interested in running a training class on June 3rd, please email us at info@rvasec.com with the following information:

1) Title Of Class
2) Overview of Class (enough details that we can properly understand what students will learn!)
3) Instructor Name
4) Instructor Bio
5) Desired Class Size
6) Student Prerequisites:
7) Proposed Cost / Amount Required Per Student:

RVAsec 2014 Videos

July 30, 2014
AnnouncementVideos

rvasec-tv

Miss a talk or even the entire conference? No problem! All of the speaker videos and presentations are linked below, or you can view the full Youtube playlist here!


David Kennedy – Keynote

Gene Fishel – Keynote

Ben Tomhave – How to Achieve Success with Cyber Risk Assessment and Analysis

Brian Baskin – Introducing Intelligence into Malware Analysis

David J. Bianco – The Pyramid of Pain: Intel-Driven Detection & Response to Increase Your Adversary’s Cost of Operations

Dan Holden & Elizabeth Martin – Pissing Down The Leg Of Much Of Our Careers; Why Are You People Still Buying Firewalls & IPS?

David Sharpe & Katherine Trame – Real World Intrusion Response – Lessons from the Trenches

Evan Booth – Terminal Cornucopia: Demystifying the Mullet

Inga Goddijn – Cyber Insurance – Worth the Effort or Total Ripoff?

Jayson E. Street – The hacker in the fun house mirror (A talk on skewed perspectives)

Jack Mannino & Abdullah Munawar – How To Find Mobile Internet Love

Joey Peloquin – Offensive Mobile Forensics

Jonathan Dambrot – Third Party Risk Management and Cybersecurity

Kimberley Parsons & Carmen Sullo – Leading Security When the Rest of The Business Doesn’t Care About Security

mubix – Attacker Ghost Stories: Mostly Free Defenses That Gives Attackers Nightmares

Nick Popovich – I Found a Thing and You Can Too: ISP’s Unauthenticated SOAP Service = Find (almost) All the Things!

Pete Herzog – Five Secrets to Building an Amazing Security Culture in Your Organization

Ray Kelly – Man In The Front – Modifying the Android OS for Mobile Application Testing

Schuyler Towne – How to Make a Lock

Seth Hanford – CVSS v3 – This One Goes to 11

Steve Werby – Bad Advice, Unintended Consequences, and Broken Paradigms – Think & Act Different!

RVAs3c Shirt Revealed!

June 5, 2014
AnnouncementConference

We posted several months ago our new RVAs3c 2014 logo by Mar (@spux)!

RVAs3c 2014 Logo!But what we didn’t share the the T-shirt Mar made for us which is amazing!

Without further delay……….

RVAs3c-shirt

Registration Ends TODAY!

May 30, 2014
AnnouncementConference

restricted_area_-_authorized_personnel_only_sign_lRegistration for RVAs3c ends at 11:55 PM Eastern time today! 

We only have a few tickets left, and since there are no sales at the door, don’t wait–just register to guarantee yourself entry.

Our amazingly cheap training classes are still open, as all four still have spots available.

Message From Schuyler About Training!

May 29, 2014
AnnouncementTraining

Hey, RVASec! I’m Schuyler, physical security guy, lockpicker, researcher, etc. I’ve been very honored to run trainings at RVASec the past 2 years, and while I feel confident that I’ve been able to bring a lot of material and hands-on experience to folks who took my classes, this year I’m trying to take a big leap forward.

While we will still be covering the traditional skills of lockpicking, this year’s class will use lock forensics as a scaffolding for teaching those concepts. I’ll be bringing my DSLR Microscope setup where we can collectively inspect the evidence left behind by various methods of entry live to the projector. Each entry technique will be explained in depth, then carried out by every attendee on locks provided to them. Once the concept is understood and successfully executed, we’ll open one of the locks under the microscope to see the tool marks left behind.
examples (1)
Each student will be trained in how to properly handle, disassemble and inspect their locks using plastic tweezers, plastic pinning trays, proper logging, and high def microscopy. The conclusion of the class will involve each student leading the class through the inspection of a mystery lock that will have been given to them at the start of the course. They will mount the specimens for everyone to see, provide analysis of the markings, and give a determination of the method of entry. The answer will have been previously provided to them in a sealed envelope. Think of it as a geekier murder mystery party.
At the end of the course students will understand and have practical experience with several methods of entry, including percussive attacks, basic picking and raking, and impressioning of cylinders. They will also have a strong foundation in the principles of lock forensics, from how to handle the lock, to tool mark analysis, to reporting their findings. I’ve been preparing for this course for years, and I’m incredibly excited to bring it to RVASec. I hope to see you there!
Only a little time left to sign up for the class!

Reception Sponsored by TruShield Security!

May 28, 2014
AnnouncementConference

We are pleased to announce that TruShield Security has agreed to sponsor breakfast Friday, and the reception at the conclusion of RVAsec!

The reception will take place right after the last talk and will include food, beverages and all of the prizes for the CTF and from our sponsors.

Thanks again to TruShield for helping make this a great event!

trushieldlogo_redBackground

After Party Sponsored By Rapid7, LogRhythm and FishNet Security!

May 21, 2014
AnnouncementConference

We are pleased to announce that Rapid7, LogRhythm and FishNet Security have all come together to sponsor the RVAsec after party!

The after party will be held at Postbellum on Thursday, June 5th at 6:30pm!

The event takes place shortly after day one of the conference ends–and it is a quick walk over so you can head right from VCU for some cocktails and food!

If you plan to attend, please register to ensure we have enough staff & space reserved!

https://www.surveymonkey.com/s/7QF3PT9

Event Details:

Thursday June 5th 6:30pm-8:30PM (maybe longer!)
1323 West Main Street Richmond, VA 23220
(804) 353-7678

Google Maps Link

Thanks again to our sponsors for making sure RVAsec attendees will be well taken care of this year!

 rapid7_logo_orange-840px

LogRhythm_LogoLockup_SecurityIntelligencePlatform_2Color_PMS

fishnet security

Gene Fishel, Chief Of The Computer Crime Section In Virginia Attorney General’s Office To Keynote!

May 21, 2014
AnnouncementConference

Gene FishelGene Fishel currently serves as Senior Assistant Attorney General and Chief of the Computer Crime Section in Virginia Attorney General Mark Herring’s Office. In this capacity he directs prosecutions of computer fraud, identity theft, and child exploitation cases in state courts across Virginia, and serves as a Special Assistant United States Attorney in both the Eastern and Western Districts of Virginia where he prosecutes computer crime cases in federal court. He additionally oversees the office’s recently established Computer Forensics Unit which conducts investigations and computer forensic analyses for criminal cases across the Commonwealth. He also monitors organizations’ compliance with Virginia’s database breach notification laws, drafts legislation for the Virginia General AGene Fishelssembly, trains law enforcement and prosecutors statewide, and educates the public on issues involving computer crimes.

During his eleven-year tenure at the Attorney General’s Office, Gene has helped to draft and enact sweeping reforms to computer crime and child exploitation laws in Virginia, and has been involved in numerous novel and complex federal and state prosecutions, including the nation’s first, felony prosecution for illicit spamming in 2004. He has served on numerous boards and committees including the Board of Governors for the Criminal Law Section of the Virginia State Bar, the National White Collar Crime Center’s Cybercrime Advisory Board, the Virginia General Assembly’s Joint Committee on Technology and Science Advisory Committee, and the Governor’s Office of Substance Abuse Advisory Committee. He has also lectured and presented on data breach issues and computer crimes to various agencies, organizations, and conferences across the country including the Federal Trade Commission, the Central Intelligence Agency, the United States Capitol Staff, and United States Attorney conferences. In 2007, Gene was appointed as Senior Assistant Attorney General. Prior to his time at the Attorney General’s Office, Gene served as law clerk for the Second Judicial Circuit in Virginia Beach, VA. He received his JD from Wake Forest University and his BA, magna cum laude, from James Madison University.

Regular Registration Ends TODAY!

May 16, 2014
AnnouncementConference

restricted_area_-_authorized_personnel_only_sign_lRegular registration for RVAs3c ends at 11:55 PM Eastern time today! 

We may have late registration tickets for $150 (yes, that’s $50 more than right now)… but no guarantee!

And since there are no sales at the door, don’t wait–just register to guarantee yourself entry.

Our amazingly cheap training classes will remain open for now, as all four still have spots available.

RVAs3c Capture The Flag Update and Prizes Announced!

May 15, 2014
AnnouncementCTF
RVAs3c Capture The Flag:
The RVAsec Capture The Flag (CTF) is getting close! Below are details that are meant to ensure participants are prepared for the event. We’re excited to invite anyone and everyone who is interested in learning and exploring using different tools and techniques with hands on practical exercises to join us.

The team has worked hard to keep the “every man or woman” feel of the CTF from last year in effect. There are challenges of different varieties that should satisfy every skill level.

This year we are again going for the wireless competition, which allows a little bit of freedom as far as cables go. There will be a dedicated space setup in the vendor area, with some seating on first come basis. Please confirm in advance with the survey you will receive from the RVAs3c organizers soon to help us make sure we have enough space and can better guarantee you’ll be counted when that space is divided up.

We plan to have staff walking around to assist folks in case of any major issues, as well as to answer questions, within reason. We can’t give you the answers of course, unless you happen to have some massive dogecoin wallets laying around (kidding!).

When: Friday, 06/06/2014 – Start time will be near 10am EST, and end time will be at or prior to 4pm EST; announcements will be made onsite. Also, note that we have CTF prep time on Day 1 if you have questions or need helping getting setup. The first 10 people that show up to the prep session will get a custom SecuraBit USB case. The RVAsec schedule also reflects this: http://rvasec.com/schedule/
Where: Same location as the con itself (http://rvasec.com/location/) in the main vendor room.
Who: Living humanoid-ish… seriously, this is for everyone from hobbyists, sys/net admins, infosec pro’s, tinkerers, makers, fixers and breakers… come out and play. We’ll all teach, learn and grow together!
What: …to do. See below:
DO bring a wireless network enabled laptop. This will be primarily wireless access so make sure you have that capability.
DO have the ability to run Backtrack 5r3 (http://www.backtrack-linux.org/downloads/), Pentoo (http://www.pentoo.ch/) or Kali Linux (http://www.kali.org/) either as a virtual machine, from bootable media (CD/DVD flash drive), or installed as your OS. Most of the scenarios in the CTF can be completed with the tools within these security-centric Linux distributions. Not a requirement per se, but a BIG suggestion.
DO understand that the CTF network is a closed private network, and will not have Internet access. CTF Participants will have the ability to connect to a separate guest wireless network with internet access for research, tool downloads, etc. during the event, but will have to disconnect from the CTF network to do so. Do not rely on this entirely though, if that wireless goes down it may be beneficial to bring your own hotspot.
DO listen to and respect any instructions and guidance provided at the event. We want to provide an environment that is conducive to learning, tinkering, exploring and having a good time.
What: …NOT to do. See below:
DON’T use words or phrases like “irregardless”, “all of the sudden” or “cybergeddon”.
DON’T feed or pet any of the conference organizers or volunteers.
DON’T attack any other CTF participants (logically or physically).
Pre-Register: If you plan to participate in the CTF we ask that you check the CTF option when registering for RVAsec or if you’re unsure if you did already, email us atfeedback@securabit.com and we’ll make sure you’re accounted for.
************  What you can win? *******************

There are some awesome prizes lined up.

First place is a HackRF Pre-order, which is a really great way to learn about wireless beyond the standard 2.4 and 5GHz most are used to from mainstream access points.

Second place is a Pineapple courtesy of Hak5, for all your pwning needs.

Third place is the Android Hacker’s Handbook, to assist you in understanding all sorts of wonderfully evil things you can do to your phone or tablet, or anything else running Android!

If you have any questions please let us know!