Loading…
Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.
Simple
Expanded
Grid
By Room
Track 1 [clear filter]
Tuesday, June 5
 

10:00 BST

I’ve got 99 problems but a pin ain’t one
In this workshop we’ll be covering certificate pinning (some focus on mobile applications). We’ll be discussing trade-offs of different pinning strategies, and how they can be bypassed. There will be a significant practical component covering what was discussed.

* Introduction
        * What is certificate pinning?
        * Why should you always pin?
        * Where and what to pin?
* So… how should you pin?
        * iOS
        * Android
* Exercises (all involve bypassing certificate pinning)
        * Patching / Re-packaging / Re-signing an Android APK
        * Code review
        * Runtime instrumentation with Frida

**Requirements**

"Students will need a system (*NIX or Windows) with the following installed and working:
* ADB
* unzip
* zipalign
* apktool
* jd-gui (or your Java decompiler of choice)
* dex2jar
* frida (pip install frida; frida –version)
* Burp Suite (or your HTTP proxy of choice)
* Text editor of your choice
* Genymotion Android Emulator
* If you can, bring your own rooted Android device (anything above 5.1 should work)

Speakers
avatar for Jose Lopes

Jose Lopes

I'm a Senior Security Consultant at Nettitude Ltd. I specialise in application and software security – mainly mobile applications and thick clients. My interests include reverse engineering, privacy, and going fast on motorcycles.

Tuesday June 5, 2018 10:00 - 12:00 BST
Workshop 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Workshop

12:30 BST

Hacker Academy
Go hack yourself:  This workshop will help to develop your understanding and practical application of awareness training with the intention of making awareness training far more relevant, effective and memorable by applying a combination of communication, motivation and metrics.  

In this workshop we will teach the participants what it takes to develop a strong foundation in which to roll-out organisational wide awareness training – starting with hacking your Board/ leadership team!

**Requirements**
Optional: Laptop with 2 VMs available (1 Kali and 1 Windows 10)
Speakers
avatar for David Prince

David Prince

David Prince is a deeply passionate cyber security expert, who takes a human focused approach to minimising risks. David has considerable experience and demonstrated success in designing and delivering cyber and information security strategies for a variety of businesses and private... Read More →
avatar for Zoë Rose

Zoë Rose

Zoë Rose is a highly regarded hands-on cyber security specialist, who helps her clients better identify and manage their vulnerabilities, with embed effective cyber resilience across their organisation. Whilst retaining deep technical expertise, Zoë has developed extensive experience... Read More →

Tuesday June 5, 2018 12:30 - 14:30 BST
Workshop 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Workshop

15:00 BST

BLE Hacking - From Wearables to Insertables
Internet of Things devices are everywhere now; in part due to the influx of cheap devices from China and easy to construct boards. Most of these devices now communicate using the low power and ubiquitous Bluetooth Low Energy protocol (BLE).

In this workshop we will be taking people through BLE from how it works, on to how to replay messages and progressing onto more complex attacks such as intercepting the traffic from the BLE module onboard the device and reading out the chip’s firmware. The core aim will be to give both an understanding of how to hack the hardware itself, and how that fits into the larger context of practical attacks on devices.

Covering: Bluetooth Low Energy, Hardware Hacking

**Requirements**
Nice to have: a laptop plus a BT4 dongle
Speakers
avatar for Mark Carney

Mark Carney

Security Research Labs
Hacker & Math guy, formerly a Musician; Having started out on helpdesk in a software firm, then becoming violinist with a degree in Music w/ Philosophy via being a DBA for a firm, Mark then went on to do an MSc and now full-time PhD study in Mathematics. This rounded off several years... Read More →
avatar for David Lodge

David Lodge

Is a grumpy Yorkshireman who has been doing this sort of stuff for too long. Pen tester by day, pretender at hardware by night. Likes taking stuff apart, but is unable to get it back together afterwards. He is one half of the Nikto team and has presented at several cons.

Tuesday June 5, 2018 15:00 - 17:00 BST
Workshop 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Workshop
 
Wednesday, June 6
 

09:00 BST

State of The Net
Technology around us is changing faster than ever. We've already become dependent of our digital devices, and this is just the beginning. As connected devices open new opportunities for imagination, they also open up new opportunities for online criminals. What can we do?
Speakers
avatar for Mikko Hypponen

Wednesday June 6, 2018 09:00 - 10:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Keynote

10:00 BST

Hacking SCADA - How We Attacked a Company and Lost them £1.6M with Only 4 Lines of Code
Hacking SCADA, or more commonly ICS is serious business, unlike other areas of offensive security one mistake can cost lives. Mike and Matt will present their ICS research, walk through caveats, protocols and show some demos. We will also show how you can start researching industrial systems safely and cover what you need to know to not get someone killed. We will also share the story and method behind how we cost a company £1.6M in lost earnings with only 4 lines of code. We will not be showing exploit code as we believe given what's at stake, it's highly irresponsible, what we will do is give responsible researchers the knowledge they need to get involved and start helping to secure critical infrastructure.
Speakers
M

Matt

Head of R&D, Insinia
Matt (@sekuryti) is currently head of R&D at Insinia Security. Matt's previous roles included senior penetration tester and researcher at SecureLink, Europe's largest managed security services provider and Operational Security Specialist at Ikea overseeing worldwide Operational Security... Read More →
M

Mike

Director, Insinia
Mike (@mikeghacks), Director of INSINIA Security, started life as a “hacker” before he had hit his teens. Mike has a professional background in Electro-technical / Electro-mechanical Engineering and almost 20 years’ experience in building and breaking computers.Mike offers a... Read More →

Wednesday June 6, 2018 10:00 - 11:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

11:15 BST

OpSec for Hackers - What You Need to Know to Not Get Caught, Leveraged or Pwned
They say Crypto is hard, OpSec is harder. This talk will combine proper operational security techniques with Porthunters experience in the field, you will walk away with practical OpSec know-how and ideas on how your operations can be more secure. We will cover the heros, loosers and funny stories from the world of OpSec.
Speakers
P

porthunter

Porthunter has worked in OpSec and offensive security roles for some of the worlds largest corporations. Porthunter is a guest lecturer on offensive security at Malmö technology university, a keen CTF player (xil.se) and founder of FR13NDS (Global Hacker Collective). Porthunter now... Read More →

Wednesday June 6, 2018 11:15 - 12:15 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

12:15 BST

How to take over a production system in the cloud
One misconfigured line of code results in anyone in the world being able to destroy or take over a production system in the cloud...

Paul presents examples and demonstrations of real life cloud security issues based on his experience working on cloud migration projects and operational cloud applications for both public and private sector organisations.

He then discusses the root causes of these issues, and how best to mitigate cloud security risks, looking not only at technical controls such as automated testing and compliance enforcement, but also aspects such as knowledge, training, culture and organisational structure. 
Speakers
avatar for Paul Schwarzenberger

Paul Schwarzenberger

Celidor
Paul is a Cloud Security Architect and DevSecOps specialist with 15 years experience leading a wide range of security engagements and cloud migration projects for customers across sectors including financial services, telcos, pharmaceutical, education, and UK Government.Paul has numerous... Read More →

Wednesday June 6, 2018 12:15 - 13:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

13:30 BST

How I break into Casinos, Airports and CNI: The Basics of Social Engineering
This talk will be about the basics of social engineering into a client’s site/office. I think most SE talks focus on the more technical “human” aspects and I’m purposefully ignoring that side as I think the audience can often get scared by thinking they have to learn every facial micro expression to get into a client’s office successfully. So, I’m going to focus on the basics, how to perform reconnaissance, how to match dress styles, how to make up a pretext that fits your knowledge, how to get real staff to help you, what to do if you do get in, why you should interact with staff, why you should practice being observant, and why you should leave people feeling better for having meet you (Chris Hadnagy taught me this).
Speakers
avatar for Chris Pritchard

Chris Pritchard

Pen Test Partners
Chris has worked in a range of industries, most notable of which are Critical National Infrastructure and leading edge design and manufacturing. Doing so has given him a huge array of knowledge, from penetration testing robot vacuum cleaners to designing and testing secure ICS/SCADA... Read More →

Wednesday June 6, 2018 13:30 - 14:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

14:00 BST

Deep Dive on the Dark Web
Regardless of skill, anyone with an internet connection can stitch together a complex attack with very little effort. Organisations must understand their adversaries, both skilled and unskilled, in order to protect against all manner of threats. This presentation will demonstrate the tools available for purchase on the dark web, how easy it is to acquire them and how they can be used to target individuals and organisations both large and small.
Speakers
avatar for John Shier

John Shier

Sophos
John Shier is a Senior Security Advisor working in the office of the CTO doing research into all manner of threats and security issues. John is passionate about communicating and popularizing security concepts and technologies to customers, partners, and the public at large in an... Read More →

Wednesday June 6, 2018 14:00 - 14:45 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

14:45 BST

Circumventing egress filtering by exploiting HTTP “transfer-encoding: chunked” for faster web shells
During a red team engagement we breached a web server that only allowed HTTP inbound and no outbound connections. While able to upload web shells, reverse shells were unable to establish a connection back to us and as all ports were firewalled, bind shells were not an option. Furthermore, the only existing tool we were aware of TUNNA proved to be too slow for practical
exploitation. In this talk we'll introduce ChunkyTuna, a web shell which allowed us to pivot through the compromised server and reach further into the target network. ChunkyTuna began as a reengineering of TUNNA which utilizes the "transfer-encoding: chunked" HTTP mechanism rather than a constant poll loop with request/response pairs. In effect ChunkyTuna piggybacks an existing HTTP connection to offer near direct access to either the STDIO streams of an arbitrary process or the IO streams of an arbitrary TCP port, in a manner similar to the streaming of a media file with unknown content-length.
Speakers
avatar for Lorenzo Grespan

Lorenzo Grespan

Secarma Ltd.
I’m a computer scientist turned penetration tester; I’ve been a systems administrator, a developer and a project manager in medical robotics as well as researcher in computational neuroscience and evolutionary and adaptive systems. I like to solve interesting problems.

Wednesday June 6, 2018 14:45 - 15:15 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

15:15 BST

Breaking into Embedded Devices and IoT Security
Embedded devices and IoT have received a lot of bad press over recent years. The problem with embedded devices and IOT is that the ever-growing number of Internet connected devices greatly increases the chances of attackers achieving exploitation by discovering security weaknesses. For example, the Mirai botnet reached record breaking DDoS speeds in excess of 650 GBps back in 2016, by exploiting default logon usernames and passwords in commonly used home routers and Internet connected cameras.
This talk aims to cover how to get started finding and exploiting vulnerabilities in embedded devices and IoT. Along the way, the audience will learn some of the hardware and software tools of the trade, how to get started, common attack vectors, responsible disclosure, and how IoT overlaps somewhat with OT/ICS security challenges.
Speakers
avatar for Andrew Costis

Andrew Costis

LogRhythm
Andrew Costis (“AC”) is a Threat Research Engineer within the Labs team at LogRhythm. AC has over 17 years of professional experience working in various technical capacities. AC spends his days performing incident response, forensics, malware analysis and reverse engineering... Read More →

Wednesday June 6, 2018 15:15 - 16:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

16:15 BST

Random Problems in IoT
Random Numbers are important. Really f***ing important! Yet, they are so often misunderstood. Decent Random Number generation is relied upon by large chunks of our cryptographic wizardry, and yet mistakes are repeatedly made - and we're seeing these mistakes bleeding into IoT.
With the proliferation of 'smart' devices, what affects the security of these devices could affect anything from lightbulbs to pacemakers. The author's own research has found some real problems with embedded devices generating random numbers, some proposed fixes, and then some problems with those for good measure.
We will present an overview of what 'random' is (with little to no scary maths), the current state of the art, and overview of embedded devices RNG's, our assessment results, and how things can move forward.
This talk will give you:
  • A solid overview of the basics of RNG
  • Some handy hints and nifty tricks for understanding what 'random' really is
  • An overview of the well-known problems in embedded/IoT RNG's - microcontrollers and SDK's just doing it wrong
  • An assessment of what fixes are available - which ones we found issues with, and which seem to work better
  • HSM's and other solutions we look to assess
  • What manufacturers, vendors, compliance bodies, and developers can do
This talk is suitable for people of any technical level, but is aimed at those with an interest in IoT security, cryptography, and hardware.

Speakers
avatar for Mark Carney

Mark Carney

Security Research Labs
Hacker & Math guy, formerly a Musician; Having started out on helpdesk in a software firm, then becoming violinist with a degree in Music w/ Philosophy via being a DBA for a firm, Mark then went on to do an MSc and now full-time PhD study in Mathematics. This rounded off several years... Read More →

Wednesday June 6, 2018 16:15 - 17:15 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

17:15 BST

Solving Threat Detection
Why do organisations fail so badly at threat detection? Despite chucking tons of cash at staff and magic next-gen ML products, detection teams rarely deliver reliable, high quality, tangible results. Where are we going so wrong?

This talk will step through key issues such as re-inventing the wheel syndrome, why information accumulation/sharing matters, the traditional SOC model and detection priorities, building/retaining awesome employees and an honest look at the state of detection tooling (and often underestimated deployment hurdles).

Although perhaps surprising, many issues actually have simple solutions which will be discussed through-out the talk. Technical examples will be used to quantify the challenges and how solutions can work in the real world, with lessons learnt coming straight from the experiences of the Countercept hunt team.
Speakers
avatar for Alex Davies

Alex Davies

Countercept
Alex Davies is the TechOps Lead for the UK hunting team at Countercept. An attacker turned defender, Alex spends his days picking apart the entire kill chain and figuring out how to detect each and every step taken. He also has a passion for all things webapp and is a long term bug... Read More →

Wednesday June 6, 2018 17:15 - 17:45 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker

17:45 BST

Closing
Wednesday June 6, 2018 17:45 - 18:00 BST
Track 1 ILEC Conference Centre 47 Lillie Road London SW6 1UD
  Track 1, Speaker
 

Twitter Feed

Filter sessions
Apply filters to sessions.
Tuesday, June 5
Wednesday, June 6
Career Track (upstairs)
Lightning Track
Rookie Track
Track 1
Track 2
Track 3 (upstairs)
Workshop 1
Workshop 2
Workshop 3
Workshop 4
  • Break
  • Career
  • Rookies
  • Track 1
  • Track 2
  • Track 3
  • Track 4