Free Trial
Schedule Demo
The Fidelis Threat Research team is comprised of expert security researchers whose sole focus is generating accurate and actionable intelligence to better secure customers. Together, they represent over... Read More
Comments
Fidelis Cybersecurity is proud to support the Wall of Sheep (WoS) at Def Con 2016, but this Wall needs to come down.
Over the past several years, it’s been standing-room only for WoS participants. This year’s event promises to be even more spectacular. For those who need background, the ‘sheep’ on this wall are users whose internet traffic reveals their credentials (user names and passwords) passed in the clear, for prying eyes to see.
The exercise starts as users sign on to the conference’s free wireless network. A copy of that traffic is given to participants whose job is to analyze that traffic, spot those credentials and report them to WoS organizers. When they’re satisfied with the data presented, the credentials (with the passwords obscured) are posted to the ‘Wall’ – a giant screen in the Packet Hacking Village.
Aries Security runs this much-anticipated annual event. For the past four years, we have had the honor to sponsor ‘Packet Detective’, an exercise focused on network forensics techniques. Each year, we host a friendly team that competes using Fidelis Network® to look at and analyze traffic.
It’s been very interesting to see what traverses over the Wi-Fi network. Here are some key findings:
While a user whose credentials are captured and displayed at the Wall might feel somewhat embarrassed, the exercise is aimed at drawing attention to the fact that this could happen to anyone, on any network – Wi-Fi at the coffee shop or airport, the university, businesses you visit and even on your home ISP.
The WoS event helps drive awareness of the dangers of credentials in the clear. It’s important to us, to get this message out. Our goal is to inform every user and secure every application so that all credentials and sensitive information are hidden from people intent on causing you harm. We look forward to the day when the systems and applications we use are safe. Our personal information and privacy is protected when transferring data. When that happens, and not a day before, we can take that wall down. Dear Internet, Let’s Tear Down This Wall!
Fidelis Cybersecurity will be at DEF CON 2016 and the Wall of Sheep! Come by and say hello. Meet our threat experts at the following sessions:
To Catch an APT: YARA
Saturday, 8/6, 10:10 am, Packet Hacking Village, 26th floor, Bally’s Indigo Tower
Jay Dimartino, senior threat research engineer, shows how to hunt for APT armed with the pattern matching Swiss knife called YARA. Learn how to author YARA rule signatures with techniques used by malware researchers to mercilessly hunt down elusive adversaries, and discover patterns in their code.
Mining Virus Total for Operational Data and Applying a Quality Control
Saturday, 8/6, 5:10 pm, Packet Hacking Village, 26th Floor, Bally’s Indigo Tower
Gita Ziabari, senior threat research engineer, will discuss techniques to achieve improved and actionable threat intelligence with VirusTotal. Her talk will cover how operational data sets can be obtained using specific APIs, algorithms and source code.
OPSEC Concerns in Using Encryption
Sunday, 8/7, 12:00 pm, Crypto & Privacy Village, Bally’s Bronze 2
John Bambenek, Fidelis Manager of Threat System, will cover OPSEC concerns with using crypto (and when not to use it). The talk will also provide an overview of a no-cost tool available to security researchers for random generation of self-signed certs.
See you at DEF CON!
-Fidelis VP of Threat Research Hardik Modi