October 26, 2016

SCADA Talked Cancelled at TakeDownCon Dallas 2011 After Pressure From US Government

Dillon Beresford and Brian Meixell cancelled their TakeDownCon Dallas 2011 talk about Supervisory Control and Data Acquisition (SCADA) on Wednesday after a request from U.S. cybersecurity and Siemens representatives.

The planned presentation would have looked at how attackers can penetrate even the most heavily fortified industrial control systems in the world, without the backing of a nation state. They also planned to present a guide to writing industrial grade malware without having direct access to the target hardware.

“We were asked very nicely if we could refrain from providing that information at this time,” Dillon Beresford, an independent security researcher and a security analyst at NSS Labs, told CNET. “I decided on my own that it would be in the best interest of security… to not release the information.”

SCADA exploits have recently taken center stage in the international community with the creation of Stuxnet and its use to delay the proliferation of nuclear weapons. Combining traditional exploits with industrial control systems allows attackers to weaponize malicious code, something that previously wasn’t really possible.

BingDiggity Presented at TakeDownCon Dallas 2011

Francis Brown from Stach & Liu, an IT security consulting company, has presented BingDiggity as part of this “Lord of the Bing” presentation at TakeDownCon Dallas 2011. The new tool leverages the Bing search engine to identify vulnerable systems and sensitive data in corporate networks.

BingDiggity compliments GoogleDiggity and together with SearchDiggity, Stach & Liu’s new GUI applications that serves as a front-end to both GoogleDiggity and BingDiggity, they form the Google Hacking Diggity Project.

BingDiggity is a new command line utility that leverages the new Bing 2.0 API and Stach & Liu’s Bing Hacking Database (BHDB) to find vulnerabilities and sensitive information disclosures related to an organization that are exposed via Microsoft’s Bing search engine. This utility also provides foot-printing functionality that enumerates URLS, hosts, domains, IP-to-virtual host mappings, etc. for target companies.

TakeDownCon Dallas 2011 Information Security Conference Starts Today

TakeDownCon Dallas 2011 starts today. This 2 day conference, which is in its debut year, is designed for technical information security and IT professionals of all levels.

The first keynote will be given by Josh Shaul and Alex Rothacker on the Anatomy Of A Database Attack. Today’s web-accessible databases are especially susceptible to attacks, partially because of the appeal of their lucrative repositories of data, and partially because IP entry affords hackers a broader range of methods with which to invade and gain access to database information. In this presentation, the Josh and Alex will describe some of the sophisticated methods used in invading enterprise databases, as well as provide guidelines and best practices on security and compliance in a variety of database systems including Oracle, Microsoft SQL Server, IBM DB2, and Sybase.

Other first day presentations include:

A full schedule can be found here and the synopsis here.

TakeDownCon Dallas takes place at the InterContinental Dallas and is sponsored by Live Hacking, among others. Some of the supporting organizations of the event include the FBI InfraGard’s North Texas Chapter and NAISG’s Dallas Chapter.

LiveHacking.com will bring you news, interviews and photos from the event.


Information Security Conference TakeDownCon 2011

May 14th sees the start of TakeDownCon 2011 in Dallas. This is the debut year for this conference and it promises to become an essential conference for all those involved in information security. TakeDownCon is a highly technical conference, designed by the EC-Council, that focuses on technical research in cutting-edge exploits and vulnerabilities. It also includes 4 days of training, including the EC-Council’s Certified Ethical Hacker (CEH) – an accepted certification by the U.S. Department of Defense (DoD) Directive 8570, and 2 days of keynotes, demonstrations and presentations.

The first keynote will be given by Barnaby Jack, who most recently gained widespread media attention for demonstrating, at BlackHat 2010, the exploitation of vulnerabilities within Automated Teller Machines (ATMs). Other speakers include Josh Shaul, Joe McCray, Alex Rothacker, and Jeremiah Talamantes, on topics including database attacks, automated malware analysis and smart phone security models.

TakeDownCon Dallas takes place on May 14-19 at the InterContinental Dallas and is sponsored by Live Hacking, among others. Some of the supporting organizations of the event include the FBI InfraGard’s North Texas Chapter and NAISG’s Dallas Chapter.

The conference program can be seen here and the session synopses here. LiveHacking.com will bring you news, interviews and photos from the event.

Conference Series Targeting Technical Information Security Professionals Making Spring Debut in Dallas, Texas

EC-Council launches the TakeDownCon series – a highly technical information security conference series that promises to be an excellent knowledge acquisition and skills exchange platform.

TakeDownCon will bring together information security researchers and technical experts, both the brightest and darkest, from the corporate and government sectors to academic as well the underground, and make it into one of the world’s premier infosec event where the latest security threats are presented and debated, and vulnerabilities are disclosed and scrutinized.

TakeDownCon will also feature a pre-event training platform offering EC-Council certification training including the world-renowned Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI) programs. In addition, there will also be highly advanced and technical courses offered by EC-Council’s Center of Advanced Security Training (CAST). These programs are designed by industry practitioners and experts, and will allow participants to go through both hands on and real life scenario based training covering domains such as web application security, penetration testing and social engineering.

Jay Bavisi, President of EC-Council said, “There is a huge gap, and we recognize the need for more information security training and education. TakeDownCon will be the ideal platform for knowledge acquisition. Dallas was chosen for its strategic geographical location, and the vast demand for information security training. TakeDownCon, being highly technical, will feature a brand new format, it will be very focused, content driven, and attendees will see no frills, thus making it accessible for the masses.”

This conference will also see the launch of “Nite Locks et all”. It is where physical security vulnerabilities and lock picking skills will be showcased, and a chance for attendees to try their hands on lock picking, under the tutelage of experts in this realm.

The Call for Paper is now open. If you are interested to reveal a zero day exploit, expose a new vulnerability or flag an unknown threat, this may well be the platform for you to showcase and demonstrate your technical expertise and proficiency, as well as demonstrate your thought leadership. Do visit http://www.takedowncon.com/cfp to submit your paper to be considered.

TakeDownCon will make its debut in Dallas, TX from May 14 – 19, 2011. More details can be found at http://www.takedowncon.com.