Saturday, November 3rd, 2018

Time Event
10:00 – 11:00 Registration
11:00 – 11:25 Opening Ceremony
11:30 – 11:55 Cracked in 60 Seconds: Attacking Mobile Wi-Fi Hotspots
Eric Gershman
12:00 – 12:25 The Reproducible Builds Project
Muz
12:30 – 12:55 Reading Binary: Finding and Using an 0-day for a Pentest
Ron Bowes
13:00 – 13:45 Lunch Break - Catered by The King's Head
13:45 – 14:10 Things the Internet Knows About You
Sean Smith
14:15 – 14:40 Amazon S3 Deep Dive for Security Practitioners
Mike Himbeault
14:45 – 15:10 Working with Hackers: A (Brief) Look at Implementing Vulnerability Reporting Policies
Glitch Witch
15:15 – 15:45 Coffee Break
15:45 – 16:40 Web App 101: Getting the Lay of the Land
Mike Saunders
16:45 – 17:30 Dinner Break - Catered by The King's Head
17:30 – 17:55 Stopping Digital Skimmers
Matthew Southworth
18:00 – 18:25 The Easy Path
Tim Jensen (Appsec Consulting)
18:30 – 18:55 Collecting and Analyzing Security Telemetry at Scale
Christian Peron

Sunday, November 4th, 2018

Time Event
10:00 – 10:25 Re-Bootstrapping the Free World
Mark Jenkins
10:30 – 10:55 DevSecOps - Integrating Security in the Development Pipeline
Magno Logan
11:00 – 11:25 Abusing Video Streaming Services for Storage and Transport
Robert Keizer
11:30 – 11:55 Technological Abuse: what is it and how can we stop it?
Sarah LaCroix
12:00 – 12:25 BGP Hijacking Goes Mainstream
Theo Baschak
12:30 – 12:55 Canadian Threat Landscape - Are We Really a Target?
Mike Yallits
13:00 – 13:45 Lunch Break - Catered by The King's Head
13:45 – 15:00 Whose Slide Is It Anyway?
15:00 – 15:30 Coffee Break
15:30 – 15:55 Beware the Maelstrom: The Pitfalls of Password Rotation
Travis Friesen
16:00 – 16:25 Blockchain is Bullshit: Why "Blockchain Technology" Will Not Solve Any Significant Infosec Problems
Brandon Enright
16:30 – 17:30 Dinner Break - Catered by The King's Head
17:30 – 17:55 Tales from the Trenches
Julian Pileggi
18:00 – 18:25 CTF Walkthrough
18:30 – 18:55 Closing Ceremony

Cracked in 60 Seconds: Attacking Mobile Wi-Fi Hotspots

Eric Gershman

Modern GPUs have made it possible to quickly recover random, factory set passwords on embedded devices. This talk will specifically dive into attacking the default, WPA Pre-Shared key (PSK) formats for several popular mobile WiFi hotspots. It will also cover ways to improve attack methodology and present several ways for manufactures, administrators and users to reduce the risk of compromise from a weak default WPA PSK. Attendees will learn how WPA deauthentication attacks are performed and the significance of modern GPUs in recovering Pre-Shared Keys.

Eric Gershman is a penetration tester with over eight years of experience in Information Security. Prior to working in security Eric pursued a bachelor's degree in Information Technology at the University of Central Florida. During his time at UCF, he worked as a technician on a large help desk, research intern for an Anti-Virus company and as a Linux Systems Administration for the public and private sectors.

The Reproducible Builds Project

Muz

Many of us run some amount of Free and/or Open Source Software but how can we ever be sure that what we're actually running was built from the allegedly published source code? Whilst not a complete security solution in and of itself, find out how this project helps influence and improve security and development as part of a wider set of policies.

Originally from the UK, Muz has been working professionally in the software and tech industries for as long as he legally could for a number of companies across the globe. From a questionable start of contributing Perl changes to various FOSS projects, FOSS software has always played a huge role in both his professional life, and personal life as a hobbyist and enthusiast.

Reading Binary: Finding and Using an 0-day for a Pentest

Ron Bowes

Reading binary is hard: it's all bits and bytes! But sometimes, it comes in handy. This presentation will be a story about finding and using an 0-day in commercial software during a pentest.

Bio: Just use the one from last time.

Things the Internet Knows About You

Sean Smith

For large organizations, it can be hard to minimize your digital footprint. Whether it be mergers and acquisitions, spun up cloud environments, or any other assets forgotten/not properly decommissioned over the years, it can be a challenge to put together a comprehensive and accurate inventory. This talk will go over a number of publicly available datasets that one can use to view what everyone else on the internet can find out about your digital footprint and passively monitor for changes.

Sean Smith is the Director of Architecture at SecurityScorecard, a security ratings platform that generates security ratings non-intrusively and from an outside-in perspective. He currently leads a team combing the internet for interesting signals to ingest and analyze.

Amazon S3 Deep Dive for Security Practitioners

Mike Himbeault

Amazon Simple Storage Service (S3) is a complex and highly versatile service that makes it useful for a wide variety of applications, from static website serving to backup and storage. These properties also make it notorious for being frequently misconfigured and poorly understood. This session will provide deep dive details on what S3 is, how it functions, the security constructs and mechanisms supported, and some tips and tricks on how to get the most out of it as a security practitioner.

Mike is a local IT professional that is slowly, for reasons he can't quite explain, sliding deeper into non-technical work for most of his days. To combat this, he relentlessly preaches about "cloud" to, and experiments on, anyone that will tolerate it, co-organizes the Winnisec monthly security meetup, and co-founded Flying Fortress IT to bring security and cloud expertise to small and medium businesses. He has spent plenty of time deploying production workloads to AWS, supporting research and development teams, and lately working on technology, systems, and process innovation strategy for the City of Winnipeg.

Working with Hackers: A (Brief) Look at Implementing Vulnerability Reporting Policies

Glitch Witch

GlitchWitch is an Independent Security Researcher, Penetration Tester, and Bug Hunter who spends most of their free time learning how things work and improving what they can along the way.For over a decade they have worked independently with a wide variety of companies on an expansive list of technical projects. They are currently available for hire - more information about them can be found at https://glitchwitch.io/

Web App 101: Getting the Lay of the Land

Mike Saunders

Getting started with web apps can be a daunting task. "Ooh, shiny!" rabbit holes are just around the corner with every click. Without a good plan and a road map, it can be very easy to get lost in these holes and run out of time before reaching your goal. This talk covers how to identify the goal and set up a plan that will help you avoid the rabbit holes, identify the points you should focus on, and ultimately help you become an effective application tester.

Mike's love of IT started in the third grade when he discovered he could view the code of BASIC programs on an Apple ][e. He has held many information technology and IT security positions, including developer, network and system administrator, security architect and security incident handler. Currently, Mike is a principal consultant with Red Siege. When he is not at work, he is an avid ice fishing and kayak fisherman and member of a local horn rock band.

Stopping Digital Skimmers

Matthew Southworth

Credit card skimming has moved online, leading to theft of customer data from prominent ecommerce websites by groups like Magecart. This talk will discuss the sophisticated techniques observed in these attacks, including first party modifications of site content, software supply chain attacks, and deceptive C&C infrastructure. We'll cover ways to detect and prevent these techniques, including monitoring tools, Content Security Policies and Subresource Integrity assertions.

Matthew Southworth enjoys breaking things, New York City, and cooking. He's a senior director of Security Engineering at Priceline.

The Easy Path

Tim Jensen (Appsec Consulting)

Time will demonstrate chaining multiple vulnerabilities together, most of them for SMB, to compromise systems quickly and efficiently. He will also provide remediation recommendations. Tim will discuss the Responder, CrackMapExec, and MultiRelay tools. He'll also go over disabling antivirus through crackmap, pulling creds across large networks, and compromising Windows 2000 hosts with Metasploit.

Tim Jensen is a Senior Penetration Tester with AppSec Consulting, based out of San Jose California. Tim lives in Fargo, ND USA and greatly enjoys Network, Physical, and Wireless testing. When not obsessing over hacking, Tim spends time playing with Software Defined Radios, volunteering, and going on adventures.

Collecting and Analyzing Security Telemetry at Scale

Christian Peron

This talk will cover the collection and analysis of security telemetry in high performance environments. The differences between conventional security event auditing frameworks and some of the more modern dynamic tracing and performance monitoring frameworks. Specifically how some of the dynamic tracing frameworks can be used for more effective intrusion detection and forensic purposes.

Over the past 16 years, Christian has been responsible for researching and engineering threat identification and containment technologies. Currently he is performing these activities in his role on the security team for a global content delivery network. As a security enthusiast he is contributor for various open-source projects including the FreeBSD/TrustedBSD operating systems, and more recently the OWASP CRS.

Re-Bootstrapping the Free World

Mark Jenkins

Mark turns his obsession with secure bootstraps towards a progress update on the work of others to re-bootstrap the free world (bootstrappable.org) . Along the way he'll review the role bootstrapping could play for the problem of 2 or more persons in a room needing to trust a shared computer. (As per last year, Mark calls this the voting machine problem or Wright-Andresen problem)

Mark is an occasional free software hacker and member since founding of Winnipeg's hackerspace Skullspace. He works as a sysadmin specializing in GNU/Linux servers at the University of Winnipeg Library. You can also run into him at the Manitoba Unix User Group from time to time. Mark has presented at all three prior incarnations (2013, 2015, 2017) of the Long Con under its previous title.

DevSecOps - Integrating Security in the Development Pipeline

Magno Logan

Security Testing, when performed, is usually done at the end of the application development cycle, increasing the risk of delays and cost increase in the project if problems or errors are found. It is possible to overcome, or at least minimize, this problem by using the “Shift Security Left” (SSL) approach, by introducing security checks and validations in the software development lifecycle and performing automated security testing within the project pipeline. This talk aims to demonstrate some ways on how to implement the SSL approach in your development lifecycle and what tools can be used to automate security testing and vulnerability management by performing multiple checks and validations throughout the application development process.

Magno (Logan) Rodrigues is an Application Security Specialist. He was the founder of the OWASP Paraíba Chapter. He already spoke at many conferences in Brazil such as the GTS, ENSOL, BSidesSP, OWASP App Sec Latam, ECD, BHack and Just4Meeting in Portugal. He was also the organizer of the OWASP Paraíba Day and the JampaSec Security Conference. He studied Security and Computer Forensics in New York, USA. His current focus are Web Application Security, Secure Development and DevSecOps. He has the following certifications: CompTIA CySA+, Security+, Cloud Essentials, EXIN Secure Programming and Ethical Hacking

Abusing Video Streaming Services for Storage and Transport

Robert Keizer

Video streaming services such as Youtube Live or Twitch can be used in 'alternative' ways, to transmit arbitrary data. This is a presentation about using video streams as both storage (FUSE filesystem) and transport (IP transport). It also will cover how to avoid detection.

Rob Keizer founded Pegboard Hosting, a local cloud provider. He specializes in technology startups, and is currently CTO at Ukkö Robotics. He is a founding director of Coldhak, a nonprofit dedicated to furthering privacy, security, and freedom of speech. His previous community involvement has included serving on boards of SkullSpace and the Manitoba Unix User Group (MUUG).

Technological Abuse: what is it and how can we stop it?

Sarah LaCroix

When people think “abuse”, most people are still thinking about throwing punches and name-calling. However, as the reliance on technology grows, so does the ability to use it to exert power over others. Technological abuse can be harder to identify because we're not as familiar with it. This talk explores the different ways technological abuse may manifest itself and how we can empower people to leave a relationship, avoid future abusive relationships and help others to do the same.

Sarah LaCroix cares about technology, education and empowerment. Her career in technology began as a radio talk show host exploring technology and the needs of youth in and from foster care. As a student, she spent a year studying digital forensics and security in Glasgow, Scotland and has served on the executive board of her academic department's student group. She presented topics of personal interest at Prairie Dev Con Deliver and BSidesWinnipeg in 2017. She will be graduating from Red River College's Business Information Technology program in June 2019 and wants to secure a role as an analyst. Her interests beyond technology include photography and running.

BGP Hijacking Goes Mainstream

Theo Baschak

In past years talks Theo has talked extensively about BGP, and BGP hijacking. In 2018 we've seen several instances of where BGP hijacking has been combined with other methods to steal cryptocurrency.

Theo is an active player in Manitoba's ISP scene. These days he does networking professionally, focusing on architecting and building routed networks using BGP. Theo has his own BGP AS, enjoys photography and curries, and volunteers his time with the Manitoba Internet Exchange and the Manitoba Network Operator Group.

Canadian Threat Landscape - Are We Really a Target?

Mike Yallits

This presentation is a review of the threat intel collected by Palo Alto Networks and Unit42 that was aimed at Canada over the past few months. We will be looking at top delivery methods, top targeted industries and commodity threats vs actual campaigns and the actors behind them.

Mike has been in IT since the 90's and spent time as an IT manager/director as well as wearing a sales hat for the past 7 years.

Beware the Maelstrom: The Pitfalls of Password Rotation

Travis Friesen

Regular, enforced password rotation has been a part of the generally accepted best security practices for decades. However, password rotation not only provides no benefit to security, it can actually make an organization less secure. In this talk, I am going to explain why mandatory password rotation should join other, backward practices like bloodletting and asbestos insulation on the trash heap of history.

Travis misspent 10 years studying computers and network security at the University of Manitoba before being unleashed on an unsuspecting world. After spending some time writing autopilot software for UAVs, he settled into a career in InfoSec, working in the education sector and founding Flying Fortress IT, a firm which specializes in providing small and medum businesses with security and cloud infrastructure expertise.

Blockchain is Bullshit: Why "Blockchain Technology" Will Not Solve Any Significant Infosec Problems

Brandon Enright

Unless you've been living under a rock, you've heard that blockchains are the solution. Have a problem (ANY problem) in need of a solution? Blockchain it! Of course, the hype doesn't match reality. This talk will cover basic blockchain algorithm concepts, explain what sort of problems are particularly well suited to blockchains, and talk a bit about why infosec doesn't have those problems.

Like all great cyber security thought leaders, Brandon Enright is a self-aggrandizing Twitter *****. When he isn't leading cyber infosec thoughts, he's leading cyber dreams. Brandon can factor large primes with nothing more than pencil and paper and even recite the digits of Pi in random order in arbitrary bases. Recognized as one of the great legends in machine learning, several of Brandon's machines have learned so much that philosophers argue turning them off would be murder. Rumor has it that shortly after Elon Musk met Brandon, Elon bought a small island in the south pacific for shelter and revised his estimate of the coming singularity up a decade. Brandon is why Bruce Schneier has trouble sleeping at night.

Tales from the Trenches

Julian Pileggi

Incident responders are on the frontlines of the battle with threat actors and fraudsters alike. This talk will bring a unique perspective into some interesting techniques used by threat actors in recent cases. The “Tales From The Trenches” talk is intended to provide case studies and stories from real-life operations. There won't be much theory or hypothesizing. Rather, the presentation will focus on challenges and problems that organizations faced and how they overcame them.

Julian Pileggi is a Principal Incident Response Consultant at Mandiant, based in Toronto, Canada. His areas of expertise include enterprise incident response, digital forensics, threat hunting and security operations center team development.