Details
Notification List
Please sign up to our email notification list for advance notification of planned Ruxmon events and presentation details.
Location
402 Swanston Street, RMIT City Campus: Building 12, floor 7, room 2
Presentations
How to improve your threat research, YARA + KLara - Noushin Shabab
Level: Intermediate
YARA is a tool used by security researchers to hunt, identify and classify malware. Using YARA is relatively easy, yet it can lead to amazing findings. YARA is especially powerful when used on big sample collections, but its real power is only unleashed when scanning big libraries happens in a time-efficient way, with no computing power issues or storage limitations. KLara is a distributed system that can run a fast, distributed series of YARA scans; it is now open source and available to everyone. In this talk we will look at YARA and some of its interesting features, and learn what KLara is and how it can help with hunting.
Bio
Noushin Shabab (@NoushinShbb) is a cyber security researcher based in Australia specialising in reverse engineering and targeted attack investigations. She joined Kaspersky Lab in 2016 as a senior security researcher in the Global Research & Analysis Team (GReAT). Her research focuses on the investigation of advanced cyber criminal activities and targeted attacks with a particular focus on local threats in the Australia/New Zealand and Asia Pacific region.
Adventure Time Cont. - Joaquim Espinhara
Level: Intermediate
Around the world, fraud represents the biggest threat to financial institutions, especially banks, many of which are investing significant amounts of money in modern anti-fraud systems that do not completely prevent abuse but do reduce the losses. Around two or three years ago I started, on my own and in my spare time, looking into a popular anti-fraud software product common in Brazil which is used by the biggest banks.
In this time, I released details about vulnerabilities and weaknesses present in the "agent" installed on bank customers' computers that might pose a risk to users. Some context about the software: Warsaw is software developed by Gas Tecnologia, now part of the Diebold group, and has become the industry-standard security solution used by most banks in Latin America. Under the guise of protecting the customer's online banking transactions, Warsaw must be installed on any personal computer the user needs to access Internet Banking from, with no alternatives left to bank customers. This quick presentation is intended to share with you some old and new findings and potentially new tricks that could be applied to other targets/software.
Bio
Joaquim Espinhara is just a random guy that likes computers and (in)security. Working daytime as Principal Security Consultant at Threat Intelligence Pty, performing countless network and application (Web/Mobile/Desktop) penetration tests and security-focused code reviews for various organisations across the globe, including government, banks, retail, etc. Also acting as Chief Hacking Officer at Bitwise Labs, a security research group focused on vulnerability research and exploit development, in my spare time, and last but not least, I'm a TheGoonies CTF team player. Finally, playing as "professional" speaker, recent presentations include Infiltrate, H2HC, YSTS, Confidence, Black Hat USA, Black Hat Brazil Summit, HITB Kuala Lumpur, HITB Amsterdam, Roadsec, Ruxmon, Ruxcon Turbo Talks, Silver Bullet, Secure Brasil and others.
Archive
When | Title | Speaker | Materials |
---|---|---|---|
Friday 27th April 2018 | How to improve your threat research, YARA + KLara | Noushin Shabab | Not available |
Friday 27th April 2018 | Adventure Time Cont. | Joaquim Espinhara | Not available |
Friday 23rd March 2018 | JWT == insecurity ?? | Louis Nyffenegger | Not available |
Friday 23rd March 2018 | Not available | | |
Friday 25th August 2017 | BitcoinCTF III | Luke Jahnke | Not available |
Friday 25th August 2017 | Building a SOC for fun and profit | Barry Anderson | Not available |
Friday 28th July 2017 | Keyboard cowboys - Herding shells | Eldar Marcussen | Not available |
Friday 28th July 2017 | Not available | | |
Friday 30th June 2017 | Internal Pentest: from z3r0 to h3r0 | Marcio Almeida | Not available |
Friday 30th June 2017 | Not available | | |
Friday 26th May 2017 | Advancements in p455w0rd cr4ck1n6 | John Gerardos | Not available |
Friday 26th May 2017 | Not available | | |
Friday 28th April 2017 | The Application security aspect of cyber is very, very tough | Louis Nyffenegger and Ash Fox | Not available |
Friday 28th April 2017 | Not available | | |
Friday 31st March 2017 | UniFi'd Ownage - Centralised and Automated Network Management | Tim Noise | Not available |
Friday 31st March 2017 | Not available | | |
Friday 26th August 2016 | Making GDB fun again | Chris Alladoum | Not available |
Friday 26th August 2016 | Not available | | |
Friday 27th May 2016 | The Devopsification of IT Security | Barry Anderson | Not available |
Friday 27th May 2016 | Uncaging Faraday | Ulisses Albuquerque | Not available |
Friday 29th April 2016 | Swimming drunk in a croc infested billabong: Practical Exploitation of DROWN | Tim Noise | Slides |
Friday 29th April 2016 | Enterprise Wi-Fi Recon: rEAPing the benefits | Luke McDonnell | Slides |
Friday 18th March 2016 | American Fuzzy Lop - fuzzing like there's no tomorrow | Joaquim Espinhara | Not available |
Friday 18th March 2016 | Web Application Security | Louis Nyffenegger | Slides |
Friday 25th September 2015 | What's your Zodiac Sign? | Kayne Naughton | Not available |
Friday 25th September 2015 | Not available | | |
Friday 28th August 2015 | Hacking Web Apps like a pimp | Chris Alladoum | Not available |
Friday 28th August 2015 | You probably DO need a cryptographic hash function | Michael Samuel | Not available |
Friday 31st July 2015 | Security Anti-Patterns | Barry Anderson | Slides |
Friday 31st July 2015 | Journey from research to exploit | Tim Noise | Not available |
Friday 12th June 2015 | Hacking trends, types of attacks, cool and interesting technical details | Mike Smith - CTO Akamai Technologies | Not available |
Friday 12th June 2015 | Not available | | |
Friday 29th May 2015 | QEMUing up a storm: why QEMU is awesome for doing embedded stuff | Peter Fillmore | Not available |
Friday 29th May 2015 | BitcoinCTF II - The Shadow and the Flame | Luke Jahnke | Not available |
Friday 24th April 2015 | Introduction to security code review for the web | Louis Nyffenegger | Slides |
Friday 24th April 2015 | Opening garage doors with an iPhone and HackRF: Adventures in Software-defined Radio | Hubert Seiwert | Not available |
Friday 27th March 2015 | Building an FPGA-based Glitcher to Defeat Hardware | Silvio Cesare | Not available |
Friday 27th March 2015 | Bug Bounties -- What's the Story? | Nathaniel Wakelam | Not available |
Friday 1st August 2014 | Why would a geek leak? | Thomas Drake & Jesselyn Radack | Not available |
Friday 1st August 2014 | Not available | | |
Friday 27th June 2014 | Post-Snowden OpenSSH | Damien Miller | Not available |
Friday 27th June 2014 | Rogue Containers – A Virtual Disk Escape | Shanon Olsson | Not available |
Friday 30th May 2014 | Git Money: Snatching Source Trees | Tim Noise | Not available |
Friday 30th May 2014 | B.R.E.A.M. (A.K.A the Blockchain Ruins Everything Around Me) | Kayne Naughton | Not available |
Friday 28th March 2014 | Avocent Virtual Media Pwnage | Michael Samuel | Not available |
Friday 28th March 2014 | Pager Security | Andrew Horton | Slides |
Friday 28th February 2014 | RuxLox | Topy | Not available |
Friday 28th February 2014 | Goto Fail: Apple SSL broken again | Hubert Seiwert | Not available |
