Wednesday 25-March-2015 // 6:00 – 9:00 PM
BUILDING: Telus Building
25 York Street, 3rd Floor
(Room 003-031 Spirited Teamwork)
Talk #1: “Rene Hamel presents: A Decades Worth of Changes in Cyber Forensics”
Over the past decade the advancement of a myriad of tools, techniques and technology to eliminate and hide digital evidence have increased at an alarming rate. This presentation will focus on how users with malicious intents have evolve in their techniques and the use of new software tools that automate data hiding applications are now common place. Now those users in the workplace have easy access to the Internet with smart mobile devices and cloud services. The security landscape has changed exponentially and this new environment has enabled some users to become opportunists and take advantage of fragile system security and exploit their weaknesses. As diligent digital investigators, it is necessary to keep up with tools and methods and this presentation will talk about what worked and what was short lived in forensic.
Speaker: Rene Hamel
Over the past ten years, Rene has overseen and assisted in multiple client engagements for some of the largest global corporation, financial institutions, legal firms and industry regulators. His contribution has been key to the successful resolution of numerous high profile investigations ranging from the usual anti-competitive behaviour found across these global organizations to finding the key piece of digital fraud evidence. Over the las ten years, Rene has worked and resided in Canada, Europe and South East Asia. He will share some of the challenges he has had to overcome while helping establish and manage forensic technology groups in parallel with maintaining high ethics and standards for the organization.
Talk #2: “Embedded Devices & Firmware Analysis”
Bad code is everywhere and the tools to dig it up are maturing at an astonishing rate. The day of reckoning has come device manufacturers who have neglected the adoption of secure development practices. Join us as we dive into firmware updates for many different devices and uncover undocumented ‘recovery features’ (backdoors), hardcoded accounts, direct url access/permissions issues and buffer overflows. Be entertained as we pop shells on routers with command injection, explore buffer overflows on MIPS processors, and facepalm over the obvious back doors. Jeremy has been focusing on router firmware analysis and has recently added harddrive firmware, Building Automation PLCs, and critical care drug pumps to the list. What 0day will he drop next?
Speaker: Jeremy Richards
Jeremy Richards is the Owner of HexTech Security and a Technical Partner with SAINT Corporation. Jeremy has been performing research and uncovering weaknesses in a variety of technologies, and developing security software professionally for nearly a decade. These days he spends his time writing remote unauthenticated vulnerability checks by reverse engineering changes introduced by security patches and identifying the root cause. Jeremy has recently started developing a framework to extract data from firmware images and perform automated analysis. His research in this area has uncovered a compelling number of undocumented risks that impact a large number of devices and user environments.