Security B-Sides London 2012 April 25, 2012 to April 25, 2012, London, UK

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Windows Phone 7 platform and application security overview David Rook "Windows Phone 7 is the latest mobile operating system from Microsoft and is the youngest ... IncludeThinkstScapes Windows Phone 7
A Salesman's Guide to Social Engineering Gavin Ewan "Social Engineering is currently one of the buzz terms within the hacking field. Like children ... Security
ENGLISH MOFO? Do you speak it? Javvad Malik Business leaders need to make decisions on how best to sustain and grow their business ... Security
The Do Over: Building A Green-field F500 Infrastructure Nick Selby "When a targeted nation-state sponsored attack was launched against a F500 which had for years ... Security
Breaking in to Security Robin Wood At least once a month someone asks me directly, or through a mailing list, how ... Security
Fus Ro Dah! Christopher Boyd In-game advertising is becoming more visible (and in some cases, more intrusive) in the world ... Security
Mapping The Penetration Tester's Mind: 0 to Root in 60 Minutes Kizz Myanthia Mapping the Penetration Tester�s Mind is a bridge gap series made to bring information technology ... Security
Building a SDLC utilisng OWASP resources Chris Edmunds in this presentaion I will show how the free and open resources of OWASP (Open ... Security
Does your data belong to Pastebin? Xavier Mertens "During my talk, I'll present a small tool that I wrote to monitor the content ... Security
Social Engineering - How is it really done? Ian Maxted "Let's talk about social engineering, what is it? How is it really done? The 30 ... Security
HTML5 - A Whole New Attack Vector Robert Mcardle "HTML5 opens up a wide and wonderful new world for Web Designers to explore - ... HTML5 ExcludeThinkstScapes
InfoSec and the Mayan Apocalypse Stephen Bonner "As we all know the Human Race is over on 21st Dec 2012 due to ... Security
Introducing OWTF Abraham Aranguren Summary: An introduction to the Offensive (Web, etc) Testing Framework (aka OWTF) including demos of ... Security
Legal and efficient web app testing without permission Abraham Aranguren Summary: An OWASP-focused walk-through on passive and semi passive techniques to assess Web app security ... Security
Pentesting like a Grandmaster Abraham Aranguren Summary: A walk-through of the techniques chess players use, how they apply to pen testing ... Security
SCADA Security: Why is it so hard? Amol Sarwate This talk will present technical security challenges faced by organizations that have SCADA, critical infrastructure ... Security
Determining Personality Traits & Privacy Concerns from Facebook Activity Chris Sumner "This study explored the extent to which it is possible to predict personality traits and ... Security
Herding lolcats: tales from the incident response coalface James Davus Keeping watch over one of the fastest, largest, busiest and most diverse networks in the ... Security
Elegant Security Stephen Bonner "This talk highlights examples of the most elegant attacks and defenses in IT Security - ... Security
Shadowboxing your way to secure applications Rory Mccune There\'s a lot of confusion in testing about what\'s the "best" way to assess the ... Security
An Anatomy of a Risk Assessment Thom Langford A thorough risk assessment is an intimate process, akin to the dissection and analysis of ... Security
A Civilian's View of Security Scott Cowie Today\'s world is quite scary with ID theft, fraud and physical theft. Has security industry ... Security
UPnP - The Useful plug and pwn protocol - revisited Arron ( finux ) Finnon Universal Plug and Play protocol (UPnP) can be described as a set of networking protocols ... Security
Tuning to a different key - introducing weaknesses into security devices Arron ( finux ) Finnon When security devices such as NIDS/NIPS (Network Intrusion Detection/Prevention Systems) are developing their rules/signatures, exploit ... Security
IronWASP Manish Saindane "IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web ... Security
Dissecting APT, Night Dragon, and Aurora Rohyt Belani "Targeted phishing attacks are now the mainstay of organized crime and espionage. This presentation will ... Security
Escalating privileges on common webapps Sandro Gauci In this presentation we will look at how to escalate privileges on web applications. I ... Security
Can You Crack it - nope I will let someone else do it for me... Cliff O'Sullivan "A talk based around how I socially engineered the answer to part one of the ... Security
Set Sail For Enterprise Fail Steve Lord "Have you ever seen an enterprise application deployment go completely sideways? Steve has. At the ... Security
Are you ready for slow reading? Sergey Shekyan While developers and administrators are paying attention to handling slow HTTP requests without issues, another ... Security
satellite hacking Paul Marsh What sort of data can be received from the vast numbers of satellites in orbit ... Security
Lessons from the Trenches: Implementing and Achieving BS 25999 Certification in a Bank Vinayak Ram "The number of companies getting certified against the BS 25999 is growing exponentially. Ensuring continuity ... Security
Blind Fury: An Alternate Web App Fingerprinting Technique Mike Shema Web app fingerprinting attempts to identify the type and version of JavaScript libraries and application ... Security
Cell Injection: Attacking end users through the application. David Stubley We�re all familiar with input and output validation and why it�s important for the overall ... Security
Virus Propagation via Social Engineering Jingwei Tan The presentation explores the recent use of non-technical exploits on the human operating system by ... Security
The Illusion Of Security - A World Into Lock Picking! Daniel nathan Williams "Locks, locks and more locks! Everywhere you go you can see locks around the place ... Security
vSphere5 hardening and assessment automation Davi Ottenheimer This presentation describes the process of writing the latest benchmark hardening and assessment methods based ... Security
Security In a World SaaS Applications Ian Moyse Cloud is the most hyped computing term in years and every vendor is marketing cloud ... Security
SSL and PKI: The Pillars of Broken Security Ivan Ristic Recent attacks on browsers and certificate authorities for SSL have shown how fragile these systems ... Security
H@cking Tayles of the first degree ? Student Centred Hacking. Colin Mclean In 2006, �Abertay� a small University in North East Scotland released the world�s first undergraduate ... Security
SAP Slapping (a pentesters guide) Dave Hartley The talk aims to provide the audience with just enough information to go from zer0 ... SAP IncludeThinkstScapes
Finding the weak link in Windows binaries Ollie Whitehouse "Modern Microsoft Windows applications can be a chore when finding where to spend one's effort ... IncludeThinkstScapes Code Analysis Attack Planning Windows
The Evil Overlord Guide to Security Glyn Wintle , Sheila Thomson "A humorous Top 10 of security vulnerabilities including practical approaches for addressing them. Inspired by ...
United States Of Browser Insecurity Sasha Zivojinovic This talk will cover the state of browser enforced security models in 2012: Including Same-Origin ... Security
Twitter spam: The life of a bot Marc Wickenden The rise of Twitter and URL shortening websites has brought with it a daily deluge ... Security
ssh-agent: Abusing the trust Marc Wickenden SSH with public key authentication is seen as a robust and secure solution and as ... Security
Building your own Zombie Horde - Dynamic Web Scanning at Massive Scale Erik Peterson "In the 12 years since automated dynamic application scanning tools have been available, DAST has ... Security
The inherent issues in interpreted languages Rorie Hood Interpretation is a modern, common method of source code compilation. It allows interpreted languages to ... Security
I know what you scanned last summer Darren Fuller In May 2010 a "default" email address used by a popular web application vulnerability scanner ... Security
Bypassing end-point protection using a ball of string and some bubblegum Chris john Riley "I'm sure we've all day it... that popup on a box that just won't go ... Security
Antiforensics extravaganza - wreck ALL the data! Manuel Leithner , Christian Krieg "Welcome to Totallynotenglistan, which recently got rid of that outdated view that you have any ...
MIFARE: Real World Cookies Mike Auty , Zak Maples The weaknesses in MiFare are well documented and have been widely known for a number ...
Making Sense of Cyber Threats - Management Overview Alan Calder News reports regularly describe cyber attacks and the UK government has recently published a new ... Security
Hacking Senior Management - Getting Your Message Across Brian Honan Why is it that despite regular news headlines about security breach after security breach, senior ... Security
May The Force be With You - Infosec Lessons from Star Wars Brian Honan "This talk will take a light hearted look at the Star Wars movies and highlight ... Security