Lilly Chalupowski Crowdstrike
Magno Logan
Aastha Singh
Devin Patterson Beauceronsecurity
Kevin Burgess Nile
Malcolm MacDonald
SolarMarker is a malware family consisting of multiple states, an installer, a backdoor, and an information stealer module. SolarMarker uses a variety of loaders to execute SolarMarker Backdoor. In this presentation we will be analyzing various SolarMarker loaders featuring one in Golang, then destroying SolarMarker Backdoor to the point we can compile it in our own Visual Studio project and identify C2 servers before they are used in the wild. Throughout this presentation there will be tips for hunting and detection.
Lilly Chalupowski, Crowdstrike
I started my career after I hit rock bottom being a single mom who moved back to live with my parents. This was after dropping out of computer science in university, my professors told me I would not be good enough to get a job in computers. I had lost all passion for what I loved and hoped for the future. I worked with my case worker (social assistance program) and they helped me gain the confidence to try computers again. I was able to teach myself programming and other computer science concepts on my own time (online courses). With this, I was able to regain my confidence regarding computers. I then became really interested in offensive security and applied to work at a cyber security company. I started as an entry-level analyst and worked my way up to starting my own threat research and detection department. I taught myself how to reverse engineer malware from scratch along the way and have not looked back since. If I can train an English teacher to reverse engineer malware, I have the confidence I can train anyone to get the task done. If you are looking for someone to lead your threat research and detection team who has done each job on the way up to the top, I might be the one you are looking for. Since then, I've presented research all across North America, appeared on TV as an expert twice and have not looked back. I love reverse engineering, malware analysis, detecting threat actors, the thrill of the hunt, mentoring other women who want to get into cyber security and most importantly, my family and the wonderful people on my team who have grown so much in their careers.
More organizations are applying a DevOps methodology to optimize software development. One of the main tools used in this process is a continuous integration (CI) tool that automates code changes from multiple developers working on the same project. In 2019, GitHub released its own CI tool called GitHub Actions. According to GitHub, GitHub Actions help you automate tasks within your software development life cycle, and it has been gaining a lot of adoption from developers. This talk will demonstrate how GitHub Actions work and show security tools to protect your applications from attackers. First, we’ll dive deeply into the Actions, the language, and the runners, the servers provided by GitHub to run your Actions. Then, we’ll show how to run SAST, DAST, and SCA using open source or free tools into your pipeline just using GitHub Actions. We’ll set up Actions for each tool to scan our application for security vulnerabilities at every pull request.
Magno Logan
As an Information Security Specialist, Magno Logan specializes in various subjects, including Cloud, Container, Application Security Research, Threat Modeling, and Kubernetes Security. He boasts multiple international certifications and is a sought-after speaker at worldwide security conferences, presenting in countries such as Canada, the US, Brazil, and Europe. In addition to his professional accomplishments, Magno is the founder of the JampaSec Security Conference and the OWASP Paraiba Chapter. He has previously served as a Snyk Ambassador and member of the CNCF Security TAG, Kubernetes SIG Security, and OpenSSF.
Announcements from OWASP and Digital Nova Scotia
Today there is almost no business that can operate without computers. All computers operate using software in the form of operating systems, applications, and the internet. Hence, we can say that computers are quintessential to the entire supply chain. On the downside, it is well-known that nearly all software contains loopholes of some type on some level. There are numerous hostile actors who expend huge efforts to look for such flaws & exploit those to their advantage. This results in major data breaches & hacks costing money & reputation to the company. The rate at which these cybersecurity breaches are increasing is brutal. With recent high-profile attacks targeting healthcare, finance, government, retail, energy, & manufacturing, it is evident that the threat landscape is expanding significantly every day. With such attacks making frequent headlines, security is top of mind for every organization. Then why, when it comes to software development, are security & testing still an afterthought? In this presentation, we will look at its possible root causes and the measures that can be adopted by companies to challenge the status quo to build a ‘safer tomorrow’.
Aastha Singh
"Growth vs Quality" is a common moot point in many industries. My North Star is to achieve business growth while maintaining quality. I am wearing two hats serving as Quality Assurance Manager & Product Owner at BeyondTrust. As a product leader with 12+yrs in IT, I support distributed teams across the USA, Canada, UK & South America in my current capacities. Having a background in Quality Assurance & Test Automation with expertise in programming languages such as Java & C# has given me the ability to see through the code & also think from a customer perspective. As a QA Manager, I am responsible for coaching scrum teams to adopt effective Test & Automation strategies to get early feedback in the software development lifecycle. As a Product Owner, I am passionate about building products that customers need, cater to their pain-points & delight them with new features & capabilities. In the past, I have built agile teams from scratch & mentored them to be self-organising eventually. I have introduced & fine-tuned several process areas to boost efficiency across several development teams and empowered them to minimize waste & redundant processes that stalled their productivity.
Even with record spending on cybersecurity in 2022, by any measure, the results were far from ideal. From the breach of a global digital identity provider using persistent social engineering that defeated multi-factor authentication, to devastating attacks on healthcare organizations that resulted in the loss of highly sensitive personal medical information of millions of people held for ransom, it was a bad year.
Criminals know people are the key to cybersecurity. From cloud infrastructure that is improperly architected, to the loss of physical hard drives with sensitive data, to the continued mass-success of phishing attacks, human factors are at the centre of almost every successful attack. Far from being the weakest link in the chain, with the targeted investments in cyber awareness they can become your biggest line of defence in the first critical minutes of an attack.
But for cyber awareness programs to have a chance at succeeding in this ever-growing threat landscape, we need to achieve buy-in across organizations. People need to feel that their time is valued and every minute they are being asked to give up will be used effectively. And in an uncertain economy leaders are being held to account for every dollar they spend, so we need to prove the value of our programs more than ever before.
Devin Patterson leads the Customer Success Team at Fredericton-based Beauceron Security. Through our work with nearly 700 customers including some of Canada's largest household brands, he and his team have developed insights and reports to help security awareness program leads measure success, identify areas of future opportunity and prove return on investment.
Devin Patterson, Manager, Beauceronsecurity
In my work as the Manager of our Customer Success Team at Beauceron Security, I am responsible for the success & challenges of standing up cyber awareness programs for over 700 clients which include some of Canada’s largest financial institutions, telecommunications companies, healthcare organizations, and federal/provincial/municipal government agencies. As trusted advisers to these organizations, my team are constantly challenged to help them achieve buy-in to roll out & evolve their programs across different levels of stakeholders, and prove the value of their programs to senior leaders & procurement/finance departments.
In networks today it is generally not if but when malware is going to be downloaded to a host. We will discuss how this malware then moves around inside a legacy network and how microsegmenting a network can be used to help limit the east-west proliferation.
Kevin Burgess, Lead Solution Architecture, Nile
A 30-minute (if that) chat about what's involved with installing a Tor Bridge on a Linux Box by someone who's mostly lived in the Windows ecosystem.
Malcolm MacDonald
Working 20+ years doing a variety of IT roles