Ekoparty 2021 Speakers
Aquí están las charlas de los 5 días de conferencia. Los detalles de acceso a la plataforma para serán enviados por correo electrónico cuando te registres a la eko.
Main Track
DIAL: Did I just alert Lambda? A centralized security misconfiguration detection system
Saransh Rana & Divyanshu Mehta & Harsh Varagiya
DIAL: Did I just alert lambda?”, is a centralized monitoring and alerting system completely running stateless, which gives us end-to-end visibility on internal threats, security misconfigurations like database going public, over permissive IAM policies, happening across different AWS accounts. It runs on the top of AWS Lambda, thus making it infinitely scalable which is easily deployable across multiple AWS accounts.
Saransh Rana
Security Engineer@CRED, likes to break network, cloud and application logics and in free time like to automate all the findings to take away the pain of re-testing the same things again and again, and research on new attack vectors.
Harsh Varagiya
Security Engineer at CRED, with a curious mind and a lot of determination who likes exploring technology and reading books.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Overmedicated: Breaking the security barrier of a major infusion pump
Douglas McKee & Philippe Laulheret
Could someone hack an IV pump and spike up its infusion rate to overdose patients? In this talk, we describe the process we took to remotely compromise the BBraun Infusomat pump used in hospitals worldwide. Join us for the RE of multiple firmware, vuln research, and exploitation demos!
Douglas McKee
Douglas McKee is a Principal Engineer and Senior Security Researcher for the Advanced Threat Research team, focused on finding new vulnerabilities in both software and hardware. Douglas has an extensive background in vulnerability research, penetration testing, reverse engineering, malware analysis, and forensics and throughout his career has provided software exploitation training to many audiences, including law enforcement. Doug is a regular speaker at industry conferences such as DEF CON and his research is regularly featured in publications with broad readership including Politico, Bleeping Computer, Security Boulevard, Venture Beat, CSO, Politico Morning eHealth, Tech Republic, and Axios
Philippe Laulheret
Philippe Laulheret is a Senior Security Researcher on the McAfee Advanced Threat Research team. With a focus on Reverse Engineering and Vulnerability Research, Philippe uses his background in Embedded Security and Software Engineering to poke at complex systems and get them behave in interesting ways. In his spare time, Philippe enjoys playing CTFs, immersing himself in the beauty of the Pacific Northwest, and exploring the realm of Creative Coding. Philippe holds a MSc in Computer Science from Georgia Tech and a MSc in Electrical and Computer Engineering from Supélec (France)Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
PINATA: PIN Automatic Try Attack
Salvador Mendoza
A brute force attack is a trial-and-error method used to obtain information such as user passwords or personal identification numbers (PINs). This attack methodology should be impossible to apply to the actual secured EMV bank cards. In this talk, we will analyze how an inadequate implementation could rely on an extreme and sophisticated PIN brute force attack against 10,000 combinations from 4 digit PIN that could affect millions of contact EMV cards.
Salvador Mendoza
Salvador Mendoza is a Metabase Q security researcher and member of the Ocelot Offensive Security Team. Salvador focuses on tokenization processes, payment systems, mag-stripe information and embedded prototypes. He has presented on tokenization flaws and payment methods in different conferences such as Black Hat USA, DEF CON, HITB, Troopers and many others. Also, Salvador designed different tools to pentest mag-stripe information and tokenization processes. Author of “Show me the (e-) money Hacking a sistemas de pagos digitales: NFC. RFID, MST y Chips EMV“. A Spanish-written book with a collection of different attacks against payment systems.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Response Smuggling: Exploiting HTTP/1.1 Connections
Martin Doyhenard
Over the past few years, we have seen some novel presentations re-introducing the concept of HTTP request smuggling, to reliably exploit complex landscapes and systems. With advanced techniques, researchers were able to bypass restrictions and breach the security of critical web applications. This presentation will take a new approach, focusing on the response pipeline desynchronization, a rather unexplored attack vector in HTTP Smuggling. First, I will introduce a Desync variant, using connection-tokens to hide arbitrary headers from the backend. This technique does not abuse discrepancy between HTTP parsers, but instead relies on a vulnerability in the protocol itself! The issue was found and reported under Google’s Vulnerability Reward Program for a nice bounty! Next, I will show how it is possible to inject multiple messages at the backend server, mixing the pipeline’s connection order, and hijack users sessions from login requests. Finally, using a novel technique known as Response Scripting, I will demonstrate how to create malicious outbound messages using static responses as the building blocks. This will be leveraged to write custom responses and take control of one of the most popular protocols in history!
Martin Doyhenard
Martin is a security researcher at the Onapsis Research Labs. His work includes performing security assessment on SAP and Oracle products and detecting vulnerabilities in ERP systems. His research is focused on Web stack security, reverse engineering and binary analisis, and he is also an active CTF player. Martin has spoken at different conferences including DEFCON, RSA and EkoParty, and presented multiple critical vulnerabilities
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Revisiting ring3 API hooks: tricks to defeat analysis tools... Even the famous ones.
Rafael Salema Marquez
One of the goals pursued by malware writers is developing codes that can remain unknown as long as possible. API Hook is a technique widely used by rootkits to modify the system behaviour hiding the adversary's presence. Therefore, the malicious artefact must be coded to achieve the expected functionalities and avoid patterns the adversary defence approaches expect. In this talk, we will revisit the ring3 API hook subject introducing and demonstrating some variations of existing techniques. I coined the API hook variations as "Egg hook" and "Hollow hook", which are focused on confusing and defeating famous malware analysis and forensics tools.
Rafael Salema Marquez
Rafael Salema Marques (SWaNk) tend to define himself as a malware enthusiast. Has been coding malware since early 2k. Today is a PhD student, which research novel threat detection approaches. SWaNk main skills are related to the development of attack vectors to support red team activities. Always available to code, coffee and beer.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
The Kerberos Key List attack: The return of the Read Only Domain Controllers
Leandro Cuozzo
Microsoft wants Azure everywhere and following that premise, the company has implemented several features in this platform. From an authentication point of view, the most interesting ones are the passwordless scenarios. A short time ago, Microsoft released a new functionality that enables passwordless authentication with security keys in Azure environments. This offers us a seamless SSO experience, but under the hood there is something else: the return of the Read Only Domain Controllers. In this talk I’ll introduce a new attack vector against the RODCs using the Kerberos Key List request messages.
Leandro Cuozzo
Security researcher at SecureAuth, focused on authentication and identity security. Main maintainer of Impacket.
Unknown
Security researcher at SecureAuth, focused on authentication and identity security. Main maintainer of Impacket.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
The Unbelievable Insecurity of the Big Data Stack
Sheila A. Berta
Today, when conducting a security assessment on Big Data infrastructures, there is currently no methodology for it and there are hardly any technical resources to perform the assessment. This talk presents new and impactful attack vectors in the four layers of the Big Data stack.
Sheila A. Berta
Sheila A. Berta is an offensive security specialist who started at 12 years old by learning on her own. At the age of 15, she wrote her first book about Web Hacking, published in several countries. Over the years, Sheila has discovered vulnerabilities in popular web applications and software, as well as given courses at universities and private institutes in Argentina. She specializes in offensive techniques, reverse engineering, and exploit writing and is also a developer in ASM (MCU and MPU x86/x64), C/C++, Python and Go. In recent years she focused on Cloud Native and Big Data security. As an international speaker, she has spoken at important security conferences such as Black Hat Briefings, DEF CON, HITB, Ekoparty, IEEE ArgenCon and others. Sheila currently works as Head of Research at Dreamlab Technologies.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Who needs JS when you’ve got Turing complete fonts?
Octavio Gianatiempo & Javier Aguinaga
Do you want to pwn Adobe Reader without using JS? In this talk we show how we used a bug reported in the stack machine that parses Type 1 fonts to land a 100% reliable exploit. We explain how this machine can be abused to build a ropchain capable of executing any shellcode in the rendering process.
Octavio Gianatiempo
I’m a Security Researcher at Faraday but I’m also a Molecular Biology Ph.D. student. I know this is a strange combination, so let me tell you how I transitioned from biologist to hacker. The doctoral program faced me with challenges of diverse nature. During the first year, the necessity of analyzing complex biological data sparked my interest in programming. For this endeavor, I learned data processing, analysis, and visualization with R and Python. But I wanted to achieve a deeper understanding of how computers work and what makes an algorithm performant so I decided to enroll in Computer Science and began taking courses at night after my Ph.D. hours.
Javier Aguinaga
Security Researcher en Infobyte LLC, Faraday Sec. Entusiasta de la seguridad informática y el research de vulnerabilidades.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
De 0 a millones de dólares en un par de paquetes: Comprometiendo sistemas SAP en Internet sin autenticación
Pablo Artuso & Ignacio Favro
Millones de dólares expuestos a Internet, exploits públicos y sencillos de utilizar que amenazan la seguridad de las empresas más grandes del mundo. Esta charla detallará tres vulnerabilidades que fueron descubiertas y explotadas en 2020 a 72 hs de la publicación de los parches de seguridad.
Pablo Artuso
Pablo trabaja hace 7 años como investigador en seguridad informática en Onapsis. Entre sus principales tareas se encuentran: hacer pentests, dictar el curso de SAP y buscar vulnerabilidades en distintos productos para después reportarlas a su respectivo proveedor. Tuvo la posibilidad de presentar sus resultados en otras conferencias como Black Hat USA, Troopers y ediciones anteriores de la Ekoparty. En su tiempo libre, trata de participar en CTFs o de desarrollar tools relacionadas a seguridad.
Ignacio Favro
Ignacio D. Favro ("Pato") es Security Research en Onapsis. Ama investigar y explorar sobre nuevas tecnologías, y pensar sobre ello potenciales nuevas vulnerabilidades y vectores de explotación. Siempre con un espíritu curioso, Pato disfruta saltar entre proyectos que involucren distintos lenguajes de programación, protocolos de red o metodologías de investigación. Antes de sumarse a Onapsis, se desempeñó como Consultor en Seguridad con actividades como pentest, que comenzó a especializar en SAP cuando se sumó a la empresa, como así también el dictado del curso de seguridad en SAP.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
The silent partners
Carlos Benitez & Luciano Bello
"In our first episode, we gave an introduction to Quantum Computing (QC). We talked about the principles, that quantum computers are already being developed, and about the online services available for public use. On that occasion, we also presented two algorithms. One of them was Deutsch’s algorithm, that is the ‘Hello World’ of quantum computing. The other one was only mentioned: Shor’s algorithm. This is considered by some as the “the end for conventional cryptography”. We showed why we disagree with that assessment. In this episode, we want to introduce the audience to the algorithm that sits as the core building block of Shor’s algorithm as well as other quantum computer algorithms: the Quantum Fourier Transform (QFT). Joseph Fourier developed his famous transform almost 200 years ago. He showed that any space or time function can be decomposed as a summation of infinite harmonics. This leads to a base transformation that allows us to move back and forward from time to frequency domains. This purely mathematical transformation was improved to calculate any arbitrary signal sample through the 1805’s developed Discrete Fourier Transform (DFT). Nevertheless it was in 1965 when Cooley and Tukey developed a fast version of the fourier transform, the FFT. This algorithm is nowadays embedded in almost every sound and video device, and it is part of many Artificial Intelligence algorithms. FFT was the fastest way to calculate Fourier Transforms until the QFT showed up. Though QFT is not exactly another form of FFT, it allows us to find periods in samples. That’s why it is so important in algorithms like Shor’s. In this presentation, we continue our Quantum journey explaining the basics of the QFT algorithm. We want to deep dive on it. We will show how traditional factorization works, how the Fourier Transform is related to it and, finally, how to enter warp speed with QFT."
Carlos Benitez
Ing. y Mg. de la UTN FRBA Ministerio de Defensa: -Investigador en procesamiento de señales acústicas submarinas -Primer Lab en Seguridad Informática (Si6) -Diseño e implementación del primer SOC -Asesor técnico de la Subsecretaría de Ciberdefensa Privado: -Docente de posgrado en Argentina y Brasil -Consultor en ciberseguridad en Cybsec e independiente -Co-fundador de Platinumciber -Formación y mentoring de equipos -SOC, Ethical Hacking y Análisis y Gestión de Riesgos -Patente por dispositivo de ciberprotección -Quantum Computing enthusiast
Luciano Bello
Ing. de la UTN FRBA PhD de Charlmers (Suecia), Desarrollador Senior en IBM Research, Doctor en seguridad basada en lenguajes, Python coder, Desarrollador de Software Libre en Debian, Diseñador de lenguajes formales, Infosec enthusiast & Geocacher.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Cloud is easy? Try to manage misconfigurations (no CVE's land) on 100k instances in mixed environments in real time
Carlos M. Gaona & Claudio Rosa
When you have standardized environments keeping everything OK is easy, but when you have 400+ accounts and 100k+ instances running and no standardized environments, it can be painful keeping the infra on the right side of the history can be a real challenge, here is how we accomplish it.
Claudio Rosa
Software engineer, cloud & sre first advocate and consultant. Studied at Universidad de Oriente in Venezuela.Claudio Rosa
Software engineer, cloud & sre first advocate and consultant. Studied at Universidad de Oriente in Venezuela.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Criptografía Post-Cuántica integrada en HTTPS
Diego Córdoba
Se estima que en los próximos años podrían desarrollarse computadoras cuánticas con la cantidad suficiente de qubits y gestión aceptable de ruido necesarios para vulnerar los principales algoritmos criptográficos asimétricos actuales, y los mecanismos de intercambio de claves basados en Diffie-Hellman. Esto quiere decir que tecnologías como RSA, DSA o ECDH quedarían obsoletas. ¿En qué nos afecta? ¿Quién usa estos algoritmos? Uno de los protocolos de aplicación más utilizados en la actualidad es HTTPS, y éste, como muchos otros protocolos de aplicación, delega la gestión de su seguridad a TLS. TLS a su vez hace uso de algoritmos que hoy en día se consideran vulnerables al criptoanálisis cuántico, por lo que todos los protocolos que usen a TLS como base de su seguridad se verían afectados. Una de las soluciones más prometedoras es la implementación de algoritmos criptográficos post-cuánticos, teóricamente resistentes al criptoanálisis cuántico. Aunque estos algoritmos se encuentran en etapas iniciales de desarrollo, existen ya algunas implementaciones de software que permiten su integración en TLS de manera experimental. Durante la exposición se introducirán los conceptos teóricos básicos para comprender los resultados de las pruebas, se mencionarán algunos de los algoritmos candidatos según el proceso de estandarización del NIST, se expondrán los proyectos de software de código abierto más prometedores, sus bibliotecas e integraciones, y se mostrarán los resultados de algunas pruebas de concepto llevadas a cabo para ofrecer intercambio de claves y autenticación basada en algoritmos post-cuánticos en TLS y HTTPS
Diego Córdoba
Diego Córdoba es Ingeniero en Informática, docente universitario e investigador en la Facultad de Ingeniería de la Universidad de Mendoza, Argentina. Es co-fundador e instructor en JuncoTIC.com, donde se dedica a brindar capacitación online y onsite en GNU/Linux, certificaciones internacionales LPI, networking TCP/IP, programación en lenguaje C para entornos POSIX.1 (*nix), programación paralela y concurrente en Python, criptografía y seguridad en redes TCP/IP.
Se encuentra terminando su tesis de posgrado para obtener el título de Magíster en Teleinformática. En dicha tesis estudia las implementaciones de algoritmos criptográficos post-cuánticos en SSL/TLS y su integración con HTTP(S) y OpenVPN.
Además coordina un proyecto de investigación para el Instituto de Informática de la Facultad de Ingeniería (Universidad de Mendoza, Sede San Rafael) sobre Criptografía Neuronal, el uso de redes neuronales artificiales para realizar el intercambio de claves simétricas de cifrado sobre redes TCP/IP.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Kernel Pwning with eBPF: a Love Story
Chompie - Valentina Palmiotti
eBPF is the new in-fashion technology that allows developers to easily and safely extend the capalbilties of the Linux Kernel without needing to write kernel code. This talk will cover the basics of eBPF, the verifier, and the new attack surface that it introduces. Focus will be given on eBPF verifier vulnerabilities and how they can be exploited to achieve code execution in the kernel.
Chompie - Valentina Palmiotti
Researcher focused on low level vulnerabilities, exploit development and offensive security. Lead Security Researcher at Grapl, Inc.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Hacking the pandemic's most popular software: Zoom
Thijs Alkemade
When the pandemic required everyone to work from home, we saw a huge growth on the video conferencing market. It was this movement that made the organisation behind the world famous Pwn2Own competition decide to add an 'Enterprise Communications' category to this year’s competition. Everyone who was able to successfully demonstrate a zero-day attack against Zoom or Microsoft Teams would be rewarded $200,000. Daan Keuper and Thijs Alkemade, members of the research department of Computest, decided to take them up on this challenge and started researching Zoom. This resulted in a working exploit against the at the time latest version of Zoom that would give the attacker full control over the victim’s system. During this talk, Thijs will walk you through how we started our research, explain the vulnerabilities that were found and finally how those vulnerabilities were incorporated into the exploit that successfully performed the attack during the contest.
Thijs Alkemade
Thijs Alkemade works at the security research division of at Computest, a security company in The Netherlands. This division is responsible for advanced security research on commonly used systems and environments. Thijs is a Pwn2Own winner by demonstrating a zero-day attack against Zoom. In previous research he demonstrated several attacks against the macOS and iOS operating systems. He has a background in both mathematics and computer science, which gives him a lot of experience with cryptography and programming language theory.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
1-click to infiltrate your organization via vulnerable VS Code extensions
Raul Onitza-Klugman & Kirill Efimov
Attackers have looked all around for means to compromise organizations through developers: malicious 3rd party packages, leaked credentials, unpatched vulnerabilities, and more. But the place that has become the new threat laid under their nose: the IDE. In this talk we're going to cover vulnerabilities discovered in popular VS Code extensions and how they can be leveraged to carry out supply chain attacks.
Raul Onitza-Klugman
Security researcher @ Snyk meets an organic grower. BSc's in Electrical Engineering and Physics. Started as a C/C++ embedded developer and moved to cybersecurity which I've been doing in the past 9 years. Love all things web and binary.
Kirill Efimov
Security research team leader, open source contributor, security enthusiast. Originally from Saint-Petersburg, Russia. Now living in Tel Aviv, Israel.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Reflexiones de una hacker latina
Maggie Jauregui
Como estudiante de ingeniería no esperaba que mi vida profesional me llevara a escenarios alrededor del mundo explotando secadoras de cabello con walkie talkies, entrenando a profesionales en la seguridad de hardware, diseñando ropa y arte electrónico y representado a una de las empresas más destacadas de hardware ante la prensa.
Las carreras de ingeniería tienden a tener reputación de ser trabajo aburrido, tedioso y difícil en las que seguro pasarás tu vida encerrado en laboratorios, metido en libros o haciendo matemáticas complejas. Sin embargo, la seguridad informática es un campo científico en el cual los valores latinos de comunidad, creatividad y enfoque humano son superpoderes capaces de convertir una carrera de ingeniería en una aventura divertida de alto valor profesional y para la industria.
Esta plática también incluye hacks como el hardware hacking del cuerpo y cerebro humano para no sólo sobrellevar, sino disfrutar exitosa y auténticamente una carrera en el campo de la seguridad computacional.
Maggie Jauregui
Maggie Jauregui is a firmware and hardware offensive security researcher for Intel Corporation with over 10 years of experience focused on low level platform security. Maggie is part of Black Hat's review board and President of BSides Portland, the non-profit organization that puts together BSidesPDX. Throughout her career, Maggie has presented her research and delivered technical training on firmware and physical attack security topics at conferences around the world including DEFCON, Black Hat, CanSecWest, and hardwear.io among others.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Bundles of Joy: Breaking macOS via Subverted Applications Bundles
Patrick Wardle
A recent vulnerability, CVE-2021-30657, neatly bypassed a myriad of foundational macOS security features such as File Quarantine, Gatekeeper, and Notarization. Armed with this capability attackers could (and were!) hacking macOS systems with a simple user (double)-click. Yikes! In this presentation we’ll dig deep into the bowels of macOS to uncover the root cause of the bug: a subtle logic flaw in the complex and undocumented policy subsystem. Moreover, we’ll highlight the discovery of malware exploiting this bug as an 0day, reversing Apple’s patch, and discuss novel methods of both detection and prevention.
Patrick Wardle
Patrick Wardle is the founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
System for Deepfake Detection - DeepAudioDetector
Christian Camilo Urcuqui López & Kevin Zarama & Cristhian Eduardo Castillo Meneses
La información digital abunda al punto de saturarnos y ponernos a juicio sobre lo que es real. La alteración de contenido ha tenido una evolución gracias a la inteligencia artificial con los Deepfakes; modelos que cuentan con la capacidad de crear imágenes, videos o audios cada vez más reales que podrían ser utilizados para ingeniería social y otras amenazas cibernéticas. La charla presenta dos proyectos de investigación sobre la detección de Deepfakes a partir de un contenido que introducirá los conceptos aplicados, las metodologías con experimentos precisos para el desarrollo y la evaluación de las herramientas de detección. Posteriormente, se presentará una herramienta de libre uso para cualquier interesado y un conjunto de conclusiones e ideas del trabajo a seguir en el área.
Christian Camilo Urcuqui López
Científico de datos, hacker e investigador. Magíster en Informática y Telecomunicaciones, certificado como Big Data Scientist y especialista en aprendizaje profundo. Sus intereses incluyen la detección de malware, técnicas adversarias, aprendizaje seguro, privacidad, inteligencia artificial responsable y ethical hacking. Autor del libro "Ciberseguridad: un enfoque desde la ciencia de datos", publicado por la Editorial ICESI en 2018.
Kevin Zarama
Estudiante de décimo semestre de Ingeniería de Sistemas de la Universidad ICESI, practicante de desarrollo frontend en pragma.Cristhian Eduardo Castillo Meneses
Estudiante de último semestre de Ingeniería de Sistemas con experiencia en desarrollo de software. Su interés principal es la aplicación de la ciencia de datos para la solución de problemas por medio de inteligencia artificial.Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
All your Ether are belong to us (a.k.a Hacking Ethereum-based DApps)
Luis Quispe Gonzales
Blockchain technology is extremely fascinating... has captured our imaginations because of its huge potential to revolutionize industries such as logistics, food safety, music, insurance, banking, and even voting systems; however, its adoption is still very scarce. The reason is simple: blockchains are complex to use by end users. During recent years, decentralized applications (DApps) have been emerging as candidates to change the rules of the game, mainly because of their ease of use and capability to leverage the full power of blockchains. The big question is... are DApps really secure?
This talk will show how Ethereum-based DApps work, the technology behind them and some of their most common vulnerabilities. The ultimate goal will be to understand how to attack these applications and, especially, what to do to be protected.
Luis Quispe Gonzales
Luis Quispe Gonzales is Lead Offensive Security Engineer at Halborn, a blockchain-specialized cybersecurity company. He has more than 11 years of professional experience in cybersecurity consulting. His area of expertise is offensive security and has tested the security of ATMs, cloud and on-premises services, different types of applications (web, mobile, thick client, DApps), smart contracts, and legacy systems. Previously, he has worked as Lead Penetration Tester at IBM Security SSA (Spanish South America) and as Cybersecurity Manager at Everis Perú.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).
Crymen: La Crónica del Crypto Crimen
Francis Guibernau
La tecnología Blockchain y sus derivados, criptomonedas y contratos inteligentes, se encuentran en su apogeo. La alta demanda y la inminente adopción masiva generan un interés colectivo frente a una oportunidad que promete ser el futuro. Pero un sistema poco conocido que mueve miles de millones de dólares no solo despierta el interés de la sociedad y de las organizaciones... ¿Es este también el futuro del crimen?
Francis Guibernau
Francis Guibernau es Cyber Security Engineer en AttackIQ. Se especializa en la investigación y perfilado de adversarios mediante la recolección y análisis de sus Tácticas, Técnicas y Procedimientos (TTPs). Anteriormente formó parte del equipo de Inteligencia de Deloitte y recientemente fue parte del equipo de Security Operations (SecOps) del BNP Paribas, donde se especializó en la identificación, manejo y resolución de vulnerabilidades presentes en infraestructura y aplicaciones.
Martin Abbatemarco
Argentinian security researcher working at OpenZeppelin, the leading company in smart contract security on the Ethereum blockchain. Formerly penetration tester at a big-four, he decided to jump into the blockchain space to help secure the future open economy and individual empowerment that this technology can achieve. He's currently enrolled in a Master’s degree on Cybersecurity and Cyberdefense at UBA, and I has spoken at different meetups, conferences, and workshops about smart contract security (such as a 2-hour workshop at Ekoparty 2018, or a recent talk at DEFCON Blockchain Village in August 2020).