Speaker feature: Evan Booth

@evanbooth / terminalcornucopia.com

Growing up, it was a safe bet that if an object around the house was held together with screws or contained any number of wires, Evan “treefort” Booth took it apart at some point to see what made it tick. In 4th grade, with the help of strategically placed pens, erasers, and a Pop-Tarts wrapper, Evan’s pencil box could quickly be converted into a model rocket launchpad. His Liquid Drano purchases to toilets cleaned ratio is absolutely abysmal. This never-ending supply of curiosity eventually translated into a passion for understanding computers and programming.
Having earned a degree in Digital Media — a nerdy union of design fundamentals and computer programming — from East Tennessee State University in Johnson City, Evan founded his company, Recursive Squirrel, where he has served a wide variety of clients in need of application development and consulting for nearly a decade. When he isn’t organizing 1’s and 0’s, Evan is likely off picking locks with the FALE Association of Locksport Enthusiasts, a lock picking group he co-founded in 2010.
In his most recent project, Terminal Cornucopia, Evan set out to demonstrate how difficult it would be for an attacker to construct lethal weapons in a typical airport terminal after the security screening. After successfully building an arsenal consisting of everything from simple melee weapons to reloadable firearms to a remotely-triggered incendiary suitcase, Terminal Cornucopia garnered international media attention and attracted viewers from nearly every country on the planet.
Make no mistake: the best part about buying a bulky item is, in fact, the huge cardboard box.

Evan will be presenting Terminal Cornucopia: Demystifying the Mullet

When solving difficult problems that require unorthodox thinking, it’s crucial that you remember APATHY: Acronyms Probably Aren’t That Helpful, Yo. Instead, we’ll dig into the practical side of creative problem solving by reflecting on Terminal Cornucopia — my year of building improvised weapons out of materials and items available in what is touted as one of the most “sanitized” environments designed for everyday citizens: the airport.

This talk will serve as a primer on building lethal improvised melee, projectile, explosive, and incendiary weapons. More importantly, I will share lessons learned about creativity, passion, and human potential during my year with Angus MacGyver.

Dust off your leather jacket and roll up those tube socks; we’re going to hit the ground running!


Speaker feature: David J. Bianco

@DavidJBianco / detect-respond.blogspot.com
Mandiant (a FireEye Company)

Before coming to work as a DFIR subject matter expert at Mandiant, David spent five years helping to build an intel-driven detection & response program for a Fortune 5 company. He set detection strategies for a network of nearly 500 NSM sensors in over 160 countries and led response efforts for some of the company’s most critical incidents, mainly involving targeted attacks. He stays active in the community, speaking and writing on the subjects of Incident Detection & Response and Threat Intelligence.

David will be presenting The Pyramid of Pain: Intel-Driven Detection & Response to Increase Your Adversary’s Cost of Operations

There’s more to good threat intelligence than lists of domains or IPs, and it’s useful for more than just finding bad actors in your environment. What if I told you that you could use threat intelligence not only to get better at detecting and responding to incidents, but also to make your attackers’ lives significantly more difficult, to drive up the costs of their operations and to potentially make it so expensive to operate against you that they give up? Sound too good to be true?
In this talk, I’ll cover a practical, proven framework for applying threat intel to incident detection and response. The framework’s centerpiece is the Pyramid of Pain. The result of nearly 5 years’ experience directing the global detection program for a Fortune 5 company, the Pyramid is a blueprint for turning your incident response capability into an offensive weapon to cause pain for your attackers.


RVAs3c Speakers!

Here are the speakers for the 2014 RVAs3c conference!

David Kennedy – Keynote

  • David J. Bianco
  • Evan Booth
  • Sarah Clarke
  • Jonathan Dambrot
  • Inga Goddijn
  • Seth Hanford
  • Pete Herzog
  • Dan Holden & Elizabeth Martin
  • Ray Kelly
  • Jack Mannino & Abdullah Munawar
  • mubix
  • Kizz MyAnthia
  • Kimberley Parsons & Carmen Sullo
  • Joey Peloquin
  • Nick Popovich
  • David Sharpe & Katherine Trame
  • Jayson E. Street
  • Ben Tomhave
  • Schuyler Towne
  • Steve Werby

Head to the Speaker’s Page to see information about each speaker and the topics they will be presenting!


Badge Update From @hackrva

We recently had an update from the Hack.RVA team on the badges for this year’s conference and we had to share!  They have been heavily focused on the etching process the past few months and are making great progress. They tested a spray-on resist with very unpredictable results, and have replaced it with a resist film application, with one more method to test out before making a final decision. Last year the etching stage was a huge time sink and a source of some errors, so they are determined to get it right this year!
The software is currently only in the driver “bring-up” phase, and the only component that hasn’t been tested is the IR, which is the same model used in last year’s badge, only smaller. 
Here is a picture of one of the first prototypes. 

Hotel Information – Book now!

RVAsec has reserved a block of rooms at the Crowne Plaza for our out of town guests. The rate is $114/night (which includes parking)–just mention block “RVAsec” to get the special rate.  Unfortunately, you will need to call the hotel to get the rate–it will not work online.

If you need a room, please make sure to book ASAP!

Crowne Plaza Richmond Downtown
555 East Canal Street, Richmond VA 23219

804-788-0900 or 800-2CROWNE

The hotel has a shuttle that runs back and forth from the conference location at VCU for both days.

If for any reason you are unable to get the RVAsec rate or the block of rooms has been filled, please let us know so we can obtain a larger block from the hotel.


Discount Ends Tonight & Sell Out Risk High!

Just under 10 hours left to get RVAsec tickets at half off–only $50!

And if that’s not enough incentive to purchase your tickets early and you still want to attend, you had better think about pulling the trigger soon. We have already sold approximately 75% of all available tickets for the event!

Don’t forget all the things you get with registration, including 2 full days of talks, parking, meals, snacks, drinks, reception, prizes, a capture the flag contest, t-shirt & swag!

So, to recap, we are closing in on selling out already and the conference prices are as follows:

  • $50 discounted price until 3/14
  • $100 regular price until 5/16
  • $150 late registration until 5/30

 

Register now!

 



David Kennedy to Keynote RVAsec!

We are pleased to announce that David Kennedy will be keynoting RVAs3c 2014!

David is the Founder and Principal Security Consultant for TrustedSec, which provides information security consulting services for a large portion of the Fortune 1000 space as well as medium-sized companies. Prior to TrustedSec, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 16,000 employees. David developed a global security program that tackled all aspects of information security. David is considered a thought leader in the security field and has presented at over three hundred conferences worldwide.

David has had numerous guest appearances on Fox News, CNN, CNBC, Huffington Post, Bloomberg, BBC, The Katie Show, and other high-profile media outlets. David is the founder of DerbyCon, a large-scale information security conference. David has testified in front of Congress on multiple occasions on the threats we face in security and in the government space.

David also co-authored Metasploit: The Penetration Tester’s Guide, which was number one on Amazon in security for over a year. David was also one of the founding members of the “Penetration Testing Execution Standard” (PTES). PTES is the industry-leading standard and guideline around how penetration tests should be performed. David has had the privilege to speak and keynote at some of the nation’s largest conferences.

David is the creator of several widely popular open-source tools including “The Social-Engineer Toolkit” (SET), Artillery, and Fast-Track. David has also released several zero-day exploits and focuses on security research. David has over 14 years of security experience, with over 9 specifically in security consulting. Prior to the private sector, David worked in the United States Marines for cyber warfare and forensics analysis activities.

David also recently testified before the US Congress about the security of the healthcare.gov web site.


RVAsec CTF: What to expect this year!

Last year RVAsec had its first CTF and it was a huge success. The team has been planning to make this year’s event even better and has a lot in store. We caught up with Chris Gerling to get some information on what to expect this year.
(RVAsec) The CTF aimed to be a bit of a different take than normal and was a huge hit at last year’s RVAsec. Can you tell us a little about it?
Chris: We wanted to build an “Everyman” CTF, which allowed people from all skill levels and professions to participate and learn. Our goal was education, and to give people a platform for that to happen on. The trick was balancing easy challenges with medium and very difficult as well, giving everyone a challenge without making them feel too confused. We believe it worked very well.
(RVAsec) How many people participated? How did the RVAsec attendees do with the CTF?
Chris: 37 people ended up participating and nearly all scored on at least one challenge. It was really awesome to see people learning and solving problems, and even surprising themselves with what they could figure out.
(RVAsec) What were some things that you learned from last year?
Chris: We learned that the registration process needs to be cleaner, and we need to do a better job of keeping track of people for giving our prizes. It’s also going to be beneficial to have the event more organized with goals we want to hit in terms of announcements, at every stage of the event.
Hardware-wise, we’re using a smaller machine that doesn’t weigh as much. The AP we used, which was a WNDR4500, held up well, but we’re going to augment that this year and look into providing wired access.
(RVAsec) What are the plans for the CTF this year?
Chris: We plan on offering a similar style CTF, with a tiered approach. Possible additions are a more robust story line, and a free 1 hour seminar for brand new participants who have never done a CTF before.
(RVAsec) If someone wanted to participate, what would you recommend they do to prepare?

Chris: There are a plethora of tutorials available on YouTube and SecurityTube. There are also challenges available at https://www.honeynet.org/challenges that are really great to learn on. Getting familiar with tools like Wireshark, and basic command line usage in a distribution such as Kali Linux, will be very valuable. From a DFIR standpoint, downloading and learning the SANS SIFT workstation is also one way to learn forensics tools.

(RVAsec) Can you give attendees any hints or teasers about the CTF?
Chris: Only if you bring us some beer. 😉  We’ll actually be releasing some teasers once we’ve got more content built out in the coming weeks!
(RVAsec) How do people sign up to participate?
Chris:  You can register for the CTF when you purchase your ticket for RVAsec, or directly on the SecuraBit web site.

(RVAsec)  Do you need any help?  If so, what and how can people or companies help out?
Chris: We can always use help in creating this. We’re really ramping up over the next few weeks and starting to build things. If you want to build a challenge, or have any content at all you want to contribute, we definitely need that. If you’re really motivated and want to push on us all to do the best job we can, we’d love to have you on the team.

Sponsors are welcomed if any want to donate prizes to give away. We will give you a shout out and display your logo on the scoreboard.
(RVAsec) Anything else?
Chris: We can’t wait to see people learn again, and are very grateful to have a place to put this event on in RVAsec! If you want to get involved, have questions or want to sponsor, please contact us at ctf@securabit.com

Training: Metasploit for Web PenTesting

Instructor: Kizz MyAnthia

Metasploit is most commonly known for its epic pwnage of network and service level vulnerabilities. What you may not know is that the same epic pwnage can be leveraged to exploit web application vulnerabilities. With the ability to custom build Metasploit modules or tools using the framework, the power of Metasploit is only limited by the imagination of the user. “Into The Worm Hole: Metasploit For Web PenTesting” will build on prior knowledge of Metasploit and help elevate the tester’s skills and abilities by working hands-on building a custom scanner, using Metasploit to exploit Web Vulnerabilities, and learning to use Metasploit for phishing, XSS, and other web application vulnerabilities.

Training classes are held on Thursday, June 4th, before the conference.  This class will cost $250.


Into the Worm Hole: Metasploit for Web PenTesting
“Into the Worm Hole: Metasploit for Web PenTesting” is an Intermediate level class and attendees should understand what Metasploit is and how to use it. A knowledge of Ruby is extremely beneficial, but some scripting experience or skill (any language) is recommended.

For more information on the class and the instructor, or to register, please see:

http://rvasec.com/training/