CSides Monthly Security MeetupsCSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting occurs normally on the 3rd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.
New attendees are welcome, just come along! (There are no entry fees, and no tickets to book)
The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.
You are very welcome to propose running activites other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!
- Room N101
CSIT Building ANU
Acton ACT 2601
- Wig & Pen
William Herbert Place,
Canberra ACT 2601
- Silvio Cesare
Friday 8th September
Talk 1: Swift Coding
Talk 2: TBA
Friday 20th October
Friday 17th November
Please ensure you come around to the back of the building, no one can enter through the front after 5pm. Please refer to the following map
Friday 18th August 2017
Talk 1: Rust SecurityEvery programming language is a compromise. For instance, features that improve developer productivity might limit runtime performance and so on. When it comes to security, languages typically look to options such as garbage collection to provide a level of memory safety or encourage coding standards and static analysis to reduce bugs. This talk will look at some of the unique compromises Rust makes to try and offer its developers "safety, concurrency, and speed".
Cameron FordCameron is enthusiastic about security and software development. As a day job this means leading a small team developing tools to make red teaming faster and more reliable. In his own time Cameron can be found deving on other interesting problems that have caught his attention.
Talk 2: Security in depth — ‘When security theatre just isn’t enough’Get exposed to wholistic security doctrine and leverage on the approach taken by government agencies and contractors. This talk will briefly introduce you to the Australian Government Protective Security Policy Framework (PSPF) and how its principles can provide layered and durable security measures in your own workspace.
Don’t get bogged down in the fruits of bureaucracy, this talk condenses reams of boring documents and gives you the high speed tour — hopefully slightly less boring.
Whether you want to learn how to make it or break it — Security in Depth is more than just locks and firewalls. Managing the weakest links, people and policy, is part of the key to securing information and assets.
Craig RumballCraig has been involved in the Security, Investigations and Intelligence field since 2000, having worked in a variety for roles for government and private entities. He is a physical security specialist, but a passionate security practitioner. He is keen supporter of the Locksport and hacking community.
Friday 14th July 2017
Talk 1: CFG BypassCFG is meant to be robust against Arbitrary Writes from a remote attacker through its usage of Mutable Read Only Data, but Microsoft acknowledges that attacks against Mutable Read Only Data do exist and that additional work is required in future versions of Windows to fully protect CFG against them. In this talk, we'll show practical examples of such attacks, which effectively mean that in the context of for example, a browser, an arbitrary read/write primitive (or simply, arbitrary write + info leak) can be used to bypass Mutable Read Only Data, which can then be used to bypass CFG.
Alex IonescuAlex Ionescu is the Vice President of EDR Strategy at CrowdStrike, Inc., where he started as its Chief Architect almost six years ago. Alex is a world-class security architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He is coauthor of the last three editions of the Windows Internals series, along with Mark Russinovich and David Solomon. His work has led to the fixing of many critical kernel vulnerabilities, as well as over a few dozen non-security bugs.
Previously, Alex was the lead kernel developer for ReactOS, an open source Windows clone written from scratch, for which he wrote most of the Windows NT-based subsystems. During his studies in Computer Science, Alex worked at Apple on the iOS kernel, boot loader, and drivers on the original core platform team behind the iPhone, iPad and AppleTV.
Alex is also the founder of Winsider Seminars & Solutions Inc., a company that specializes in low-level system software, reverse engineering and security trainings for various organizations.
Talk 2: Not-so-bad USBRemember Bad USB? An attack so bad that every USB chip vendor recalled their products and fixed the problem? Well this talk is on my progress in trying to get it working on cheap Officeworks drives. This involves a number of broken drives and staring at hex dumps.
What will be covered:
- Quick overview of Bad USB and the drives in question.
- Obtaining files and documentation needed.
- Reversing the files and API commands used.
- Tools used and made.
- Issues encountered.