CSides Monthly Security Meetups

CSides Monthly Security Meetups provide an opportunity to listen to and share security research within the Canberra region. The meeting occurs normally on the 2nd Friday of every month. Each meetup consists of 1-2 talks of around 30 mins each. Talks start at 6pm and are followed by some socialising at a local pub.

New attendees are welcome, just come along! (There are no entry fees, and no tickets to book)

The talks at CSides are technical. CSides welcomes new and interesting speakers to present - the topic will be on a technical or security issue. As a speaker you can be an expert, a student, someone learning a new area or maybe a regular speaker on the conference circuit, but we also love to have new and occasional speakers. Please contact one of the organisers below if you are interested in speaking.

You are very welcome to propose running activities other than talks, such as hands-on workshops, an infosec quiz or something else relevant to our techie audience!

Location:
Canberra Rex Hotel
150 Northbourne Ave
Braddon ACT 2612

Time:
6.00pm

Afterwards:
Swan & King Bar
Canberra Rex Hotel

Organisers:
Kylie McDevitt
Silvio Cesare

Future Dates:

Paused until after the main BSides Canberra event!

Friday 7th June 2024

Linux vs Kubernetes: a software security engineering comparison

When it comes to protecting their respective userbases, how do the world's two largest open-source software projects - by frequency of PRs accepted - compare? We will take a whirlwind tour through different layers to this question: workload confinement challenges and threat models; runtime self-protection (against latent defects/undisclosed vulnerabilities); software engineering strategy, process, and infrastructure investments; along with the labour and financial resources they receive. This will be an interactive talk, with the academic rigour and precision you can expect for a Friday night talk (i.e. I'll be showing you half-baked thoughts and analyses that may be inaccurate or plain wrong). I've been playing with some statistical & visualisation stuff, and so really this talk is an excuse to put them to work.
Paul Harvey (@csirac2)
Paul has been doing technical computing, software, and hardware roughly since Rickrolling was invented. Along the way, he's done some product security and security products. At work he shouts at Jira, spreadsheets, and emails.

To be updated when talks are announced, subscribe to our mailing list


Past Talks:

Friday 10th May 2024

Active Directory enumeration with LDAP
The talk will cover:
  • A minimal background on Active Directory (AD) and LDAP basics for those who are unfamiliar
  • What sort of Active Directory information can be gathered from LDAP and what’s the security relevance?
  • How do you identify LDAP/AD Domain Controller servers?
  • What is required to connect to and query AD LDAP servers?
  • What is "Bloodhound", and how does it use LDAP?
  • Why did I write another LDAP tool?
  • Detecting LDAP enumeration, and evading detections.
Stephen Bradshaw
Stephen Bradshaw has worked in the cyber security field for almost 20 years in both internally and externally facing roles, for both Government and private clients. His current focus is offensive security work including pentesting, vulnerability hunting, purple and red teaming, building, designing and maintaining offensive security systems and tools, and working on cyber security incidents (both causing and remediating). Stephen presently works as a Principal Security Consultant in the Offensive Security Team at Seek.

Friday 12th April 2024

Linux N-day Exploitation
This talk discusses the implementation of an n-day exploit for Linux based on a vulnerability originally disclosed in 2017. The exploit targets ARM systems with the goal of achieving arbitrary kernel memory read/write capability. In this talk, Angus discusses the full exploit development process, from understanding the subsystem and vulnerability, to triggering the bug, grooming the heap, gaining code execution, and using this to modify kernel memory. Relevant modern exploit mitigations will be discussed, as well as how the exploit can be modified to work around these mitigations.
Angus
Angus works as a vulnerability researcher at InfoSect. He recently graduated from university, where he majored in cybersecurity and completed an Honours thesis on optimising tracing garbage collection algorithms. In his spare time, Angus enjoys learning new (usually useless) skills, attempting (and forever failing) to win CTFs, cooking (hopefully) tasty food, and is known to be overly competitive when playing (video|board|role-playing|war)games with his friends :)
The Practice of Security Architecture
Have you ever wondered what exactly enterprise security architects do? It's not just drinking coffee and drawing on whiteboards. Matt will go through a maturity model for a security architecture practice, crack at least one good joke and share a plethora of NDA friendly anecdotes to illustrate how a security architecture team can better engage with the wider organisation, its business partners and software vendors.
Matthew Hackling
Matt has operated as an enterprise security architect for many organisations you have at least weekly digital interactions with. He's led teams penetration testing 3/4 Australian top tier banks. Zero Trust Network transformation for ransomware mitigation and DevSecOps transformation for increased feature delivery velocity are the things he just loves to do.

Friday 15th March 2024

Talk 1: Breaking into Offensive Cyber
This talk discusses the challenges of starting and running a company that specialises in vulnerability research.
Dr Silvio Cesare
Dr Silvio Cesare is a founder and Director at InfoSect, a vulnerability research company. He has worked in technical roles and been involved in computer security for over 29 years. This period includes time in Silicon Valley in the USA, France, and Australia. He has worked commercially in both defensive and offensive roles within engineering. He was previously the Director for Education and Training at UNSW Canberra Cyber, ensuring quality content and delivery. In his early career, he was the lead architect and developer for the startup Qualys, now the industry standard in vulnerability management. He has a Ph.D. from Deakin University and has published in academia, having been cited over 800 times on Google Scholar. He is a 4-time speaker and also a trainer at the international industry leading Black Hat conference. He has taken his University research through commercialisation and authored a book (Software Similarity and Classification, published by Springer).

Friday 9th February 2024

Talk 1: Moral combat and gamifying the real world
Controversy over the potential impact of video games on users has come and gone. For some, games enhance problem-solving skills, increase attention to detail, and even improve hand-to-eye coordination, while for others, gaming encourages anti-social activities and can lead to problem behaviours. One thing for sure, video games are not neutral places where everyone simply interacts and plays nicely. They are social, vibrant, contested, politically charged zones where people of different ideologies compete for the hearts and minds of audiences.
Steven Coomber
Steven works with the University of Melbourne delivering disinformation and malign influence resilience workshops and supports the University of Canberra’s information literacy and health educational program for schools. Steven is intrigued by the video gaming community and its place as a major social, cultural, economic, and political human interaction medium in the digital age.
Talk 2: I got 99 problems but a 0day aint one 
This presentation dives into a recent 0day vuln exploited ITW affecting F5's BIG-IP Traffic Management User-Interface (CVE-2023-46747) during late 2023. I'll take you into a particular campaign end-to-end, from the initial access, post-compromise activity, artifact extraction, discovery of nasty go-lang backdoors, and gnarly opsec fails.

Buckle your seatbelts Dorothy, cause Kansas is going bye-bye.
Dan
A reformed counterstrike degenerate from the late 90's who irssi'd roflcopters and never slapped anyone with a large trout. He once tried to install FreeBSD4.5 on his i386. But couldn't defeat the grub boss. Now he's just a dude trying to be a security dude, and surface insights into bad dudes things.

Friday 10th November 2023

Talk 1: How to best fuzz network services in embedded devices?
This research question is something we've tackled under a research grant provided by Defence Science and Technology Group (DSTG). Network services can be challenging. Traditional fuzzers deal well with testing file parsers but struggle to fuzz network programs.

We've built 3 sets of harnesses to fuzz test a variety of services:

  1. when we have the network service source code
  2. when we have only the firmware and the service is dynamically linked
  3. when we have only the firmware and the service is statically linked

Come to this talk and see our unique approaches to fuzz test harnessing.

Dr Silvio Cesare
Dr Silvio Cesare is the CTO and a Managing Director at InfoSect. He has worked in technical roles and been involved in computer security for over 20 years. This period includes time in Silicon Valley in the USA, France, and Australia. He has worked commercially in both defensive and offensive roles within engineering. He has reported hundreds of software bugs and vulnerabilities in Operating Systems kernels. He was previously the Director for Education and Training at UNSW Canberra Cyber, ensuring quality content and delivery. In his early career, he was the scanner architect and a C developer at Qualys. He is also the co-founder of BSides Canberra - Australia’s largest hacker conference. He has a Ph.D. from Deakin University and has published within industry and academia, is a 4-time Black Hat speaker, gone through academic research commercialisation, and authored a book (Software Similarity and Classification, published by Springer).