Some Photos Of Slides From The NOC (Network Operations Center)

Here are a few photos of the presentation by the NOC at Def Con 27 (2019).  But first here is may favorite non-focused photo as it says a lot:

DSC01331-ANIMATIONSquirrels? 

DSC01334Some WIFI User Tracking

DSC01339Some Traffic Analysis

DSC01341High-Level Network Diagram #1 For 2019

DSC01345High-Level Network Diagram #2 For 2019

DSC01348Previous WIFI Architectures (Rio)

DSC01350Yuck! #1

DSC01354Yuck #2

DSC01356Bathrooms Make Great NOCs!

Other photos!


Some Favorite Slides From Def Con #27 (2019).

The following photos of slides that are some of my favorites from Def Con #27 (2019).

DSC01307Default Elevator Passwords

DSC01310SQL Injection's Found In Vendor Databases For Schools

DSC01319Radar Gun Frequencies

DSC01323Some References On How To "Mess With" Radar Guns

DSC01327Multi-Printer Attack Surfaces

DSC01329More Detail On Multi-Printer Attack Surfaces

DSC01361Sound Damage Levels


DEF CON 27 Notes & References

Defcon27-2019-collageHere are my DEF CON notes from the sessions that I attended in 2019 for DEF CON 27:

Please fell free to do what you want with these notes.  I go to sessions so you don't have to.

Screenshot 2019-08-12 at 11.25.43

Here some quick links to notes from previous years: 26 (2018), 25 (2017)24 (2016)23 (2015)22 (2014)21 (2013)20 (2012)19 (2011), & 18 (2010)

Some podcasts that covered news from Black Hat and Def Con (there are probably more -- send me links!):

Here are some more recent news links published since the conference:

  1. https://www.irishtimes.com/life-and-style/motors/10-700-in-speeding-tickets-after-invisibility-test-goes-wrong-1.3985905
  2. https://www.cisomag.com/smart-speakers-can-be-turned-into-cyber-weapons-to-make-aural-attacks-researcher/
  3. http://www.securitysystemsnews.com/blog/discovered-defcon-27-automated-license-plate-readers-alprs-being-hoodwinked-clothing
  4. https://www.csoonline.com/article/3432158/thoughts-from-defcon-27.html
  5. https://securityboulevard.com/2019/08/black-hat-2019-recap-transformation-the-new-cybersecurity-culture/
  6. https://timesofindia.indiatimes.com/gadgets-news/this-next-gen-weapon-is-sitting-in-your-room-and-you-dont-even-know/articleshow/70645696.cms
  7. https://edition.cnn.com/2019/08/12/politics/defcon-voting-village-darpa-dominion/
  8. https://www.bleepingcomputer.com/news/software/nmap-780-def-con-release-first-stable-version-in-over-a-year/
  9. https://www.infosecurity-magazine.com/news/defcon-cisa-improve-election/
  10. https://www.infosecurity-magazine.com/news/defcon-american-flaws-school/
  11. https://www.c4isrnet.com/battlefield-tech/2019/08/12/the-air-force-is-all-in-on-software/
  12. https://www.infosecurity-magazine.com/news/defcon-hackers-netflix-bank-acount/
  13. https://www.prnewswire.com/news-releases/carnegie-mellon-team-flexes-hacking-prowess-with-fifth-defcon-title-in-seven-years-300899772.html
  14. https://techspective.net/2019/08/14/qualys-has-a-prescription-for-better-cybersecurity/
  15. https://hub.packtpub.com/nmap-7-80-releases-with-a-new-npcap-windows-packet-capture-driver-and-other-80-improvements/
  16. https://futurism.com/the-byte/tesla-surveillance-hack
  17. https://www.cnet.com/news/anti-surveillance-clothes-foil-cameras-by-making-you-look-like-a-car/
  18. https://www.krdo.com/news/hacker-makes-iphone-cable-that-can-tap-into-computer/1109318553
  19. https://www.kare11.com/article/news/minnesota-team-places-2nd-in-national-hacking-competition/89-77305e34-dadd-4b55-afcb-c8d1af6165f9
  20. https://www.cmu.edu/news/stories/archives/2019/august/hacking-champs.html
  21. https://www.forbes.com/sites/jeanbaptiste/2019/08/14/defcon-27-how-hackers-used-a-netflix-account-to-steal-banking-information/#1f0f14a33710
  22. https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
  23. https://www.idgconnect.com/interviews/1502595/secret-cso-rick-howard-palo-alto-networks
  24. https://www.technologyreview.com/f/614175/a-new-clothing-line-confuses-automated-license-plate-readers/
  25. https://news.gcu.edu/2019/08/gcu-students-log-in-to-hacker-summer-camp/
  26. https://www.newsweek.com/cybersecurity-vulnerability-fighter-jet-f15-defcon-hacking-tads-flight-system-hack-pentagon-1454491
  27. https://www.thenewamerican.com/tech/item/33162-clothing-line-fools-big-brother-surveillance-by-making-you-look-like-a-car
  28. https://www.military.com/daily-news/2019/08/16/hackers-find-serious-vulnerabilities-f-15-fighter-jet-system.html
  29. https://www.timeslive.co.za/motoring/news/2019-08-16-go-for-it-try-to-hack-my-car/
  30. https://gizmodo.com/buttplug-hacker-talks-security-consent-and-why-he-hac-1837252628
  31. http://industrynewsreport24.com/congressmen-intelligence-members-rush-to-hackers-conference/412/
  32. https://www.soyacincau.com/2019/08/17/defcon-omg-apple-lightning-cable-hackers-hijack-computer/
  33. https://mashable.com/article/black-hat-conference-virus-measles/
  34. https://techxplore.com/news/2019-08-paris-sartorial-hacking-le-dernier.html
  35. https://arstechnica.com/information-technology/2019/08/badge-life-the-story-behind-defcons-hackable-crystal-electronic-badge/
  36. https://insideevs.com/news/366333/tesla-hack-mod-surveillance-detection-scout/
  37. https://www.dailymail.co.uk/news/article-7394157/Bluetooth-left-leaves-devices-vulnerable-hackers-attacks-cause-hearing-loss.html
  38. https://technical.ly/baltimore/2019/08/29/cybersecurity-annapolis-sixgen-grabbed-the-win-at-defcon-27s-capture-the-flag/
  39. https://www.wired.com/story/this-diy-implant-lets-you-stream-movies-from-inside-your-leg/

I plan on attending DEF CON 28.  Follow along real-time on Twitter @technewsradio.


DEF CON 25 Notes & References

Defcon2017Here are my DEF CON notes from the sessions that I attended in 2017 for DEF CON 25:

Please fell free to do what you want with these notes.  I go to sessions so you don't have to.

Here some quick links to notes from previous years: 24 (2016)23 (2015)22 (2014), 21 (2013), 20 (2012), 19 (2011), & 18 (2010)

I plan on attending DEF CON 26.  Follow along real-time on Twitter @technewsradio.

 


DEF CON 23 Notes & References

DEFCON-23Here are my DEF CON notes from the sessions that I attended and the presentation material that was shared:

In addition my previous notes (all in PDF) are available for 22 (2014), 21 (2013), 20 (2012), 19 (2011), & 18 (2010).  I wish I started going to DEF CON sooner but it is what it is.

Feel free to do what you want with the report - "I attend sessions so you don't have to." ;-)

I plan on attending DEF CON 24.  Follow along real-time on Twitter @technewsradio.

UPDATE (8/3/2016): If you are a Chvrches fan and want to be interviewed in person at DEF CON 24 then message me on Twitter @chvrchespodcast.


Updated CISSP Domains

Security-info-graphic

The CISSP Domains (Effective April 15, 2015) will be changing:

  1. Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
  2. Asset Security (Protecting Security of Assets)
  3. Security Engineering (Engineering and Management of Security)
  4. Communications and Network Security (Designing and Protecting Network Security)
  5. Identity and Access Management (Controlling Access and Managing Identity)
  6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
  7. Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
  8. Software Development Security (Understanding, Applying, and Enforcing Software Security) 

DEFCON 22 2014 Conference Report

DEFCON22

A detailed conference report of the sessions attended has been posted: DEFCON22 (PDF).

In addition, here is a summary of DEFCON 22 related news articles of potential interest:

Here are pointers to previous reports: DEFCON 18, DEFCON 19, DEFCON 20, and DEFCON 21.


TECH NEWS RADIO PODCAST #373 | 2014-08-02 | NMAP #DDOP

 Listen! (Size 2.12 MBs, Running Time 2m10s)
 
Today's podcast is inspired by the Dog Days Of Podcasting (#DDOP).  It is a single focus recommendation on why I have NMAP in my security toolkit and why you should consider it.

Feel free to follow along with Steve Holden at: Twitter and/or Google+.  For technology news only updates follow TechNewsRadio @ Twitter.


Tracking News Related To TrueCrypt

Here are some links to stories about TrueCrypt shutting down:

TrueCrypt is a key tool in our toolkit for protecting data and we use it everyday.  If it is actually going to go away then it will leave a big whole in end-user security options for data encryption.