SPEAKERS

Opening / Closing

Matt Suiche, Comae Technologies

Matt Suiche is the founder of Comae Technologies and OPCDE.

Discussion: Disinformation about Disinformation

thegrugq (Independent)

Sara-Jayne Terp (Founder of CogSec Collab)

Brian Pendleton (Visiting Professor @ Marymount University)

We’re gonna cover how misinformation and disinformation is not a limited phenomenon exclusive to Russia, or China, and definitely not limited to Twitter bots and Facebook pages. Significant amounts of misinformation and disinformation are not launched and confined to social media, but actually come from authorities, celebrities and the media. There is long history of false information and lies, and we’ll cover some of it.

grugq has been analyzing and authoring content about applied security, cyber, operational, and otherwise for around 25 years. His writings range from in-depth papers on forensics and anti-forensics, to detailed analysis of events that skirt both international espionage and cyber security. grugq has been cited in The New York Times, The Washington Post, Wired (magazine), and Vice (magazine) as well as referenced at security conferences. grugq has grown a large following online and as of April 2019 had over 102k followers on Twitter and over 30k followers on Medium.

Sara-Jayne “SJ” Terp is a data nerd with a long history of working on the hardest data problems she can find. Her background includes designing unmanned vehicle systems, transport, intelligence, and disaster data systems with an emphasis on how humans and autonomous systems work together; developing crowdsourced advocacy tools, managing innovations, teaching data science to Columbia’s international development students, designing probabilistic network algorithms, working as a pyrotechnician, and CTO of the UN’s big data team. She founded Bodacea Light Industries to focus on misinformation mechanisms and counters, worked with the Global Disinformation Index to create an independent disinformation rating system, and ran a Credibility Coalition working group on the application of information security principles to misinformation. Terp holds degrees in artificial intelligence and pattern analysis and neural networks.

Brian Pendleton is a Visiting Professor of Cybersecurity and Information Technology at Marymount University. His research areas include AI Security and disinformation in small online social networks. Before working at Marymount University, Brian amassed over 25 years of business experience in companies such as Wal-Mart, ITXC Corp., Fairfax Water and others in various technical and management positions. He served in the United States Army Reserve in Psychological Operations and Intelligence. He is currently working on a Doctor of Science in Cybersecurity degree at Marymount University.

Catching APTs@home - how to tap your home internet

In February 2016, Rob Joyce, then-Chief of TAO at the National Security Agency gave a talk at the USENIX Enigma conference. It was during his speech that he said these famous words “One of our worst nightmares is that out-of-band network tap that really is capturing all the data, understanding anomalous behavior that's going on, and someone's paying attention to it.” I started running an out of band network tap on my home internet in June 2015, using a relatively cheap network setup and open source software. During all these years, I realized that you really don’t know what is going on your home network, unless you monitor and inspect the traffic. Smart TVs, smart watches, tablets, laptops, NAS’es, printers - the amount of background noise and hidden traffic that all these devices make is staggering. I’ll talk about cheap and effective out-of-band network tap setups, software and of course, some of my findings.

Costin Raiu (Director of GReAT @ Kaspersky)

Costin specializes in analyzing advanced persistent threats and high-level malware attacks. He is leading the Global Research & Analysis Team (GReAT) at Kaspersky that researched the inner workings of Stuxnet, Duqu, Carbanak and more recently, Lazarus, BlueNoroff, Moonlight Maze and the Equation group. Costin’s work includes analyzing malicious websites, exploits and online banking malware. Costin has over 24 years of experience in anti-virus technologies and security research. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO) and a reporter for the Wildlist Organization International. Before joining Kaspersky, Costin worked for GeCad as Chief Researcher and as a Data Security Expert with the RAV antivirus developers group. Costin joined Kaspersky Lab in 2000 and became the Director of the Global Research & Analysis Team in 2010.

The 'S' in Zoom, Stands for Security

Given the current worldwide pandemic and government sanctioned lock-downs, working from home has become the norm …for now. Thanks to this, Zoom, “the leader in modern enterprise video communications” is well on it’s way to becoming a household verb, and as a result, its stock price has soared! 📈 However if you value either your (cyber) security or privacy, you may want to think twice about using (the macOS version of) the app. In this blog post, we’ll start by briefly looking at recent security and privacy flaws that affected Zoom. Following this, we’ll transition into discussing several new security issues that affect the latest version of Zoom’s macOS client.

Patrick Wardle (Principal Security Researcher @ Jamf)

Patrick Wardle is a Principal Security Researcher at Jamf and founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.

Sponsors

 
Comae