BSides Denver 2017

13 May 2017

minute read

Authors

Kurt Baumgartner

Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more.

Even though BSides got its start as an “open source” event taking its contributors from rejected Black Hat talks, this isn’t the island of misfit toys. Quality content is delivered at all of them. Here is Mandiant’s Hunter Hardman talking advanced social engineering techniques he tends to shun, opting for email available and helpful soft Marketing and HR targets. Discussion afterwards broke out about the value of breakout news stories during red team projects, like the current political environment’s effect on employee healthcare plans in the US.

Kyle Chambers from municpal energy provider Austin Energy presented ideas and thoughts on smart city implementations, audits, smart meters and data collection, and real world integration experiences.

Considering the issues with IoT implementations and the immaturity of development cycles in the IoT space, along with the true nature of the risk involved, it’s a particularly alarming topic. And it’s great to see it being carefully discussed by organizations like Austin Energy.

Hope to see you at BSides Denver 2018!

Authors

Kurt Baumgartner

BSides Denver 2017

Latest Posts

Latest Webinars

Reports

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

We unveil a Lazarus campaign exploiting security company products and examine its intricate connections with other campaigns

How Kaspersky researchers obtained all stages of the Operation Triangulation campaign targeting iPhones and iPads, including zero-day exploits, validators, TriangleDB implant and additional modules.

BSides Denver 2017

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Focus on DroxiDat/SystemBC

DiceyF deploys GamePlayerFramework in online casino development studio

Black Hat USA 2022 and DEF CON 30

Andariel deploys DTrack and Maui ransomware

Verizon’s 2020 DBIR

Black Hat USA 2022 and DEF CON 30

How we took part in MLSEC and (almost) won

Lyceum group reborn

Wake me up till SAS summit ends

Targeted Malware Reverse Engineering Workshop follow-up. Part 2

Latest Posts

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

IT threat evolution in Q3 2023. Non-mobile statistics

Consumer cyberthreats: predictions for 2024

Latest Webinars

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Reports

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

A cascade of compromise: unveiling Lazarus’ new campaign

How to catch a wild triangle

Subscribe to our weekly e-mails