News Releases

Trustwave to Highlight Ethical Hacking, New Security Research at Upcoming Security Events | Trustwave

Written by | Jul 22, 2013 9:24:00 AM

SpiderLabs Team at Trustwave to Lead Twelve Speaking Sessions at Black Hat, DEF CON 21, BSides Las Vegas

CHICAGO, IL - July 22, 2013 - Ethical hackers, data breach investigators and security researchers from Trustwave will lead twelve speaking sessions and be on-hand during next week's Black Hat USA, DEF CON 21 and BSides security events in Las Vegas - July 27 to August 4. The SpiderLabs team at Trustwave will discuss the future of penetration testing, offer incident response training, and unveil cutting-edge security research ranging from home-networked consumer device vulnerabilities to new spear phishing techniques.

Speaking and training sessions include:

"Home Invasion v2.0-Attacking Network Controlled Hardware" at Black Hat USA and DEF CON 21: Presented by Trustwave Managing Consultant Daniel Crowley, Trustwave Senior Security Consultant David Bryan and independent researcher Jen Savage on August 1, 5:00 pm (Black Hat), and August 3, 12:00 pm (DEF CON 21). A growing trend in electronics is integration with a home network so that consumers can remotely control their products. These products are varied and even include door locks. This integration poses security risks. Crowley, Bryan and Savage will discuss the potential risks posed by network-attached devices in the home and disclose specific products in which they found vulnerabilities.

 "Black Hat Arsenal: ModSecurity" at Black Hat USA: Presented by Trustwave Lead Security Researcher Ryan Barnett on August 1, 12:20 pm and 3:30 pm. ModSecurity is a cross-platform, open source Web application firewall, maintained by the Trustwave research team, that provides security personnel a means to quickly develop defenses for emerging attack scenarios or virtual patching for identified Web application vulnerabilities. This Arsenal Demo includes many live setups where Black Hat attendees will be able to play with the ModSecurity defenses and try and evade its detections.

"Training: Computer Forensics & Incident Response for Investigators" at Black Hat USA: Offered by Trustwave Director of SpiderLabs Chris Pogue on July 27-July 30. This four day, instructor-led course is delivered by experienced investigators who have taught corporate incident response teams and law enforcement agencies globally. Attendees will learn how to successfully conduct a data breach investigation. They will participate in hands-on demonstrations that simulate a "real-world" environment through virtual machines pre-configured to mimic different operating systems, network environments and intrusion issues.

"Utilizing Popular Websites for Malicious Purposes Using RDI" at DEF CON 21: Presented by Trustwave Security Researchers Daniel Chechik and Anat (Fox) Davidi on August 4, 1:00 pm. ReflectedDocument Object Model Injection is a new attack vector that will be unveiled for the first time. Chechik and Davidi will explain the technique and demonstrate how it is useful in hiding malicious code within popular and trusted websites.

"Swiping Cards at the Source: POS & Cash Machine Security" at DEF CON 21 and BSidesLV: Presented by Trustwave Managing Consultant Ryan Linn on August 2, 11:00am (DEF CON 21) August 1, 11:30am (BSidesLV).  Point-of-sale systems and cash machines are frequently targeted by attackers.  Linn will offer a frank discussion about these types of attacks, where systems are vulnerable, and how to proactively defend against them. He will focus on current, practical and frequently-seen attacks.

Additional sessions include:

  • "Using Online Activity As Digital Fingerprints To Create A Better Spear Phisher" at Black Hat USA: Presented by Trustwave Security Consultants Joaquim Espinhara and Ulisses Albuquerque on August 1, 2:15 pm.
  • "The Web is Vulnerable: XSS Defense on the Battlefront" at Black Hat USA: Presented by Trustwave Lead Security Researcher Ryan Barnett on July 31, 5:00 pm.
  • "Pwn'ing You(r) Cyber Offenders" at DEF CON 21: Presented by Trustwave Senior Security Consultant Piotr Duszynski on August 2, 1:00 pm.
  • "The Cavalry Isn't Coming" at DEF CON 21 and BSidesLV: Presented by Trustwave Senior Vice President and Head of SpiderLabs Nicholas J. Percoco and Akamai Technologies Director of Security Intelligence Josh Corman on August 4, 10:00am (DEF CON 21) August 1, 11:30am (BSidesLV).

About Trustwave
 Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. Trustwave has helped hundreds of thousands of organizations--ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers--manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices worldwide. For more information, visit https://www.trustwave.com.