____	
  / _ /
 / _ |  ___
/____/ / __/    _    ___   ___   _  _   __  
       | |  /  / |  /_    /__   / \/ / /    /
     /___/ /  /__/ /___  ___/  /_/\_/ /__  /__
	 
BSides Newcastle 2020 2020 Programme Sponsorship 2020 CTF  BSides Newcastle 2019

Follow us on Twitter @BSidesNCL 
Follow us on Linked In BSidesNewcastle 
Follow us on Facebook BSidesNewcastle 

BSides Newcastle 2020 Programme
-----------------------------------
# Bringing the Weird Virtual ...#
-----------------------------------
Date 4/9/2020 - 5/9/2020 
Time 10:00 - 23:00

Tickets via EventBrite HERE

Friday September 4th

Starts at	
9.15am		Open Ramblings - Ben, Sam, Phil
9.30am		Keynote: The Beer Farmers "If History Teaches Us Anything, It's That We Ignore It"

	In this talk, we look back across the history of notable security incidents and reflect 
	that, years later, the same problems that led to them remain and that if anything things 
	are getting worse. Is it unpatched software, poor credential management or poor 
	configuration? 
	The answer is yes and as we fast forward, nothing seems to materially change for the 
	better. We'll discuss these and other age old problems, why they still exist and what 
	hope there is for the future. As a Beer Farmers production, it'll contain the usual fun 
	and light-hearted feels, but also deliver some important messages and takeaways. 

10.30am		@safesecs and @cy_ninja - aka Hump and Dick - the pilot podcast live
	
	Been doing this for 20 years and we know nothing, Jon Snow. But here's what we learned along 
	the way. Featuring our first guest @KeirSnelling

11.00am		Break
11.15am		Zoompinions

11.30am		@aitezazmohsin: The Great Hotel Hack: Adventures in attacking hospitality industry

	Ever wondered your presence exposed to an unknown entity even when you are promised for 
	full security and discretion in a hotel? Well, it would be scary to know that the 
	hospitality industry is a prime board nowadays for cyber threats as hotels offer many 
	opportunities for hackers and other cybercriminals to target them and therefore resulting 
	in data breaches. Not just important credit card details are a prime reason, but also an 
	overload of guest data, including emails, passport details, home addresses and more. 
	Marriot International where 500 million guests' private information was compromised sets 
	for one of the best examples. Besides data compromise, surgical strikes have been 
	conducted by threat actors against targeted guests at luxury hotels in Asia and the 
	United States. The advanced persistent threat campaign called Darkhotel infected 
	wifi-networks at luxury hotels, prompted the victim to download the malware and thus, 
	succeeded in specifically targeting traveling business executives in a variety of 
	industries and all its prevalence seems to have no end yet. 

	For a broader look, this time a popular internet gateway device for visitor based 
	networks commonly installed in hotels, malls and other places that provides guests 
	temporary access to Wi-Fi was examined. To see, how the guests and the hotels both have a 
	serious stake in this, we will discourse about the working of guest Wi-Fi systems, 
	different use cases and their attack surfaces: device exploitation, network traffic 
	hi-jacking, accessing guest's details and more. Common attacks and their corresponding 
	defenses will be discussed. This talk will contain demos of attacks to reveal how the 
	remote exploitation of such a device puts millions of guests at risk.

12.00pm		Adam Anderson: How to Start a Business as a Cyber Security Professional

	Freedom
	The #1 Reason Cyber Security Professionals Start Businesses.
	Time
	40 hours a week?  Try 50+ and working strange hours and weekends.
	Tired of the 8 to 5 grind? Of asking permission for vacations?  Of being on someone else's clock?
	Own your Schedule.
	Money
	They tell you how much you are worth by setting you pay.
	Stop following other people's rules on your value.  Stop trading time for money.
	Take Control over how you make money.
	Autonomy
	It takes one executive to not understand what you do and you are at risk of getting "Downsized" or "Furloughed". 
	Work on what you want, when you want, and why you want too.
	Be Your Own Boss.

1.00pm		Lunch Break - Howt'aget bai in geordie

1.30pm		@HackerHurricane: You need a PROcess to check your running processes and modules.  The bad guys, and red teams are coming after them!

	If there is a file on disk, you can easily SEE the bad fu, but what if the malware is 
	nowhere to be found on the disk?  Malware can be broken up into several types, some call 
	it “fileless malware” (poor non-descript term).  The malware really isn’t fileless, the 
	file, or code lives somewhere, the registry, WMI database, or the focus of this talk, in 
	memory.  This talk will focus on Memware that has been injected into memory, most likely 
	injected a process or added a DLL and may not reside on disk while the system is 
	running.Do you have a PROcess to detect, investigate, respond, and/or hunt for Memware?
	
	This talk will walk through some commodity and Red Team examples of how this works and 
	what you can do to address this newly expanding threat that is becoming more and more 
	common in commodity malware, Red Team engagements, and of course APT attackers, because 
	it can avoid so many security tools.  Attendees will leave with some ideas and tools that 
	can help youdetect, investigate and hunt for Memware.


2.30pm		@samhogy: Security Continuous Delivery Pipelines

	This session details why security needs to be at the forefront of our thinking when 
	building a CI/CD pipeline. We will cover tools, techniques and principles involved when 
	developing a pipeline, from vulnerability scanning to the principle of least privilege. 
	We'll also cover how to build security into the application that you're developing 
	through testing practice.

	You will come out of this session with an understanding of existing approaches for
	securing CI/CD pipelines."

3.00pm		Ben Presents @AngusRedBlue's slides in the style of "Whose Slide is it Anyway?"

3.30pm		Break 

4.15pm		Would you like to play a game?

4.45pm		Locknote: Chani Simms "Ticking box or ticking bomb"
	Are we really building trust of losing it completely? Challenges in poor leadership and 
	short-sighted behaviour are losing the battle.
5.45pm		Zoompinions
6.00pm		Break 
6.15pm		Welcome back
			Miss Jackalope, Make Ben Do Dares, & Hacker Karaoke
			
			

Saturday September 5th 	

Workshops

13:00 - 16:15 @coffee_fueled - Playing at Security
	
	Building and running an effective and engaging incident response tabletop scenario

13:00 - 16:15 @Jilles_com - In this Hardware Hacking Workshop for the absolute beginners Jilles 
	In this Hardware Hacking Workshop for the absolute beginners Jilles will tell you about 
	the challenges in hardware security and teach you how to identify the different 
	components of a device. The different ways you can attack hardware and will he will even 
	show you protocols on '0' and '1' level. All in his humorous style and no no-nonsense 
	attitude. Spending £ 20 will get you very far according to Jilles and most participants 
	will run to the thrift shop to get their hands dirty! At the end of the lecture is a 
	small CTF where you can experience what you have just learned. Don’t miss this.

	Jilles Groenendijk is a Hardware Hacker that works for Deloitte in The Netherlands. He 
	learned his way around by tearing apart devices ever since he was a little boy. "I like 
	to figure out how stuff works" is what drives him. He has been teaching science and 
	technology to children in elementary school. His lectures and workshop are aimed for both 
	adults and children; "Inspire the people and get them kickstarted" Recently he started an 
	interactive livestream where a telephone was created, communication via laser beams, and 
	he turned domotic sensors into a high sensitive alarm system.

Community Love Track

Starts at											
9.45am		Open Ramblings - Ben, Sam, Phil	

10.00am		Keynote: @SeanWrightSec The need for Application Security
	
	"Shift left! As businesses push themselves to outpace their competition, they are 
	delivering software and services at an ever increasing rate. Unless security is built 
	into the early stages of a software development lifecycle, organisations might find 
	themselves facing several security vulnerabilities in their software, or even worse 
	appear in the media for the wrong reasons.

	In this talk I will cover briefly what Application Security is, how it is relevant to the 
	modern software development lifecycle. I will also cover some real world examples where a 
	failure of including Application Security has lead to real world security related 
	incidents. Finally I will cover some solutions which organisations can adopt to help 
	improve the Application Security within their own software development lifecycle. "
	
11.00am		@kimberley_HG: Big Data and IoT. 
 	

11.30am 	Antagonistics

	From the simplistic knights arming sword to the complex fencing of the musketeer's 
	rapier, swordplay has taken many forms over the centuries.  This whistle stop tour of 
	different blades will introduce you to some of the common sword arts that have been used 
	as well as practical demonstrations.

11.45am		@SencodeCS: Lifes a breach. Modern data breach reporting with Sencode Breaches

	We have recently developed a new, free data breach database tool. This tool is titled "Sencode 
	Breaches". The talk is mainly to go through this web application and my reasons for creating 
	it. 


12.15pm		Panel	


1.00pm		Lunch Break, Frank White  discusses “Why Hackers should get involved with Space" 

	Space for Humanity believes that if we leave space travel to mega corporations and 
	governments alone, we lose a part of humanity’s voice along the journey.  I have a vision 
	where we democratize this process by giving those on the outside of the industry a way to 
	be heard. 

	This is where Hackers and Security people come in. I can think of no better group to 
	“Go First” when it comes to being a loud voice.  It’s basically in our DNA. 

	If we can get the community excited about this mission, we can do this our way.

	Plus the tinfoil hat commpetition, Rules TBC....


2.15pm		DavidZ: Things that happens late at night
	
	Work/Life/Security is stressful and we need to find balance, here is some of mine.

2.45pm		@infosecwar: G.E.D. to C.E.O. – How I Hacked a Career in Cyber	

	Not all of us come into the field of infosec by traditional means. Some of us have to 
	fight, kick, claw and hack our way through it. Duncan’s journey was certainly the 
	latter.  During this talk, he will share his experiences and insights in worked for him, 
	along with tips and tricks to hack your way into cyber and build a sustainable, 
	satisfying career in the field.
 
	Outline:
	-Education, certification or experience. What matters most?
	-Resume faux pas
	-Interview turn-offs
	-What red flags to look out for
	-Tips for getting past application tracking systems
	-How can social media help/hurt candidates
	-How to handle negotiations
	-OSINT of potential employers
	-Acceptable “cold calling” via email/LinkedIn
	-Building your personal brand"

3.45pm		@bsdbandit: Hackers and Healing	

	My talk will discuss the connection between hackers and mental health and how hackers can
	improve both their skill set and mental health  at the same time .

4.15pm		Bartitsu

	An introduction to the Victorian mixed martial art of Bartitsu.  A combination of English 
	pugilism, French savate, Japanese Jujitsu and Swiss cane fighting.  Made famous by Sherlock
	Holmes, this real art played a part in the women's suffrage movement and is making a 
	resurgence around the world today.


4.45pm		Locknote: Ray Redacted - Jedi Masters, Sith Lords, and Droids: 5 Generations of Hacking	


6.15pm		Jerry's Final Zoompinions	
6.30pm		Break 	
6.45pm		Welcome back	
			"Pub Quiz"  with the Fear Barmers and Sam, and YT Cracker	

Code Love Track

Starts at	
9.45am		Open Ramblings - Ben, Sam, Phil	
10.00am		Keynote: @SeanWrightSec The need for Application Security

		
11.00am		@BeeFaauBee09: From Z3R0 to H3R0 - Journey from Discovering Vulnerabilities towards Disclosure
	The talk will discuss about journey from discovering vulnerabilities in different android 
	applications having premium features, sensitive data of citizens, and online orders 
	leading towards approaching relevant authorities, disclosing all of the required details 
	and solutions. It is to be noted that one of the application has been downloaded by more 
	than 1.5 million users and exploiting such vulnerabilities would have adverse affect on 
	organization as reputational and regulatory. The talk will also focus on how security 
	researchers can contact relevant authorities of organization more effectively and 
	disclose such critical vulnerabilities

11.30am 	Antagonistics

	From the simplistic knights arming sword to the complex fencing of the musketeer's 
	rapier, swordplay has taken many forms over the centuries.  This whistle stop tour of 
	different blades will introduce you to some of the common sword arts that have been used 
	as well as practical demonstrations.

11.45am		@_bugc4t: Compliance meets SIEM automation
	
	SIEM automation is driving a lot of SOC roles but the end-users of products like Splunk 
	tend to be engineers or "techies". Approaching it from a GRC perspective gives us the 
	ability to "prove" compliance. Industry standards such as PCI give focus to traditional 
	receptors for logging: security incident and response teams. However, when you try and 
	quantify compliance - e.g. what percentage compliant are we - we get a measure we can use 
	ahead of audits. Plus other cool stuff like event correlation for tracking a hacker 
	compromising a machine.

12.15pm		Panel


1.00pm		Lunch Break, Frank White  discusses “Why Hackers should get involved with Space" 

	Space for Humanity believes that if we leave space travel to mega corporations and 
	governments alone, we lose a part of humanity’s voice along the journey.  I have a vision 
	where we democratize this process by giving those on the outside of the industry a way to 
	be heard. 

	This is where Hackers and Security people come in. I can think of no better group to 
	“Go First” when it comes to being a loud voice.  It’s basically in our DNA. 

	If we can get the community excited about this mission, we can do this our way.

	Plus the tinfoil hat commpetition, Rules TBC....



2.15pm		@s0lst1c3: Introducing DropEngine: A Malleable Payload Creation Framework

	"In this talk, we'll introduce DropEngine -- a modular framework for creating malleable 
	initial access payloads (also known as ""droppers"" or ""shellcode runners"").

	Initial access payloads serve a deceptively simple purpose: loading implants from disk 
	into memory. However, a number of obstacles stand in the way of this seemingly mundane 
	task. To start with, the payload must safely be delivered to its intended target (usually 
	via spearphishing). During delivery, the payload is exposed to signature-based detections 
	and analyzed from within an automated sandbox. The payload must then be saved to disk 
	without triggering antivirus, and must load the implant into memory without alerting 
	Endpoint Detection and Response (EDR). Due to the widespread use of application 
	whitelisting, payload authors are restricted to languages that are compatible with ""Live 
	Off the Land Binaries and Scripts"" (LOLBAS), most of which are executed through the 
	Windows Common Language Runtime (CLR). This means that most payloads must also contend 
	with Microsoft's Anti-Malware Scan Interface (AMSI). Finally, the payload must be able to 
	withstand analysis by threat hunters and reverse engineers.

	These obstacles are not insurmountable. However, defense evasion techniques tend to have 
	a short shelf-life, and become particularly stale after repeated use. Because of this, 
	payloads are often prepared on a per-engagement basis, which is hardly an easy feat when 
	done by hand.

	DropEngine addresses this problem by providing a malleable framework for creating 
	shellcode runners. Operators can choose from a selection of components and combine them 
	to create highly sophisticated payloads within seconds. Available payload components 
	include crypters, execution mechanisms, and environmental and remote keying functions. 
	Also included are pre-execution modules such as sandbox checks and AMSI bypasses, as well 
	cleanup modules that execute after the implant is loaded into memory. DropEngine comes 
	pre-packaged with example modules that are more than sufficient to bypass signature and 
	heuristic-based detections at the time of writing. However, DropEngine's true strength is 
	that it improves operational efficiency by providing a high degree standardization, while 
	allowing operators to control just about every aspect of the payload's signature and 
	behavior."
	
3.15pm		@logicbomb_1: Shift Left with DevSecOps: Scanning every single code change

	Here we will talk about building a solution to push a shift left culture for security by the 
	automated process for continuous scanning of different kinds of potential security issues on 
	every code change.

	Some of the improvement it brings - 
	
	Early Checks — Now security checks are performed as soon as any PR is raised and the result is 
	posted on PR as a comment to review.Highly Flexible —The security checks are very modular. We 
	can add more checks as we want and configure to perform response based action.Completely 
	
	Automated — Automation is the key/let the machines do the work.
	
	In this talk, we will explore answers to all these questions, and see how can we built such a 
	practical working solution, most of which have been acquired through hard experiences. 	



3.45pm		@mauroeldritch / @larm182luis: Charge!: Why you shouldn't trust that power bank
"Is it possible to weaponize a portable charger?

	Could someone hack your phone using a tampered portable charger?
	In this talk we will answer these questions and show you how to build a BadUSB charger at home."

4.15pm		Bartitsu

	An introduction to the Victorian mixed martial art of Bartitsu.  A combination of English 
	pugilism, French savate, Japanese Jujitsu and Swiss cane fighting.  Made famous by Sherlock
	Holmes, this real art played a part in the women's suffrage movement and is making a 
	resurgence around the world today.
	
4.45pm		Locknote: Ray Redacted - Jedi Masters, Sith Lords, and Droids: 5 Generations of Hacking	

	
6.15pm		Jerry's Final Zoompinions	


6.30pm		Break 	
6.45pm		Welcome back	
			"Pub Quiz"  with the Fear Barmers and Sam, and YT Cracker	
		
Later	close