Best Marcos Franco Podcasts (2024)

1
Jamie Butler: R^2: The Exponential Growth in Rootkit Techniques 42:20

18y ago42:20

42:20

Rootkit technology has exploded recently, especially in the realm of remote command and control vectors. This talk will cover the evolution of rootkit techniques over the years. It will explore the interaction between corporations, the open source community, and the underground. A detailed analysis of how different rootkits are implemented will be …

1
FX: Analysing Complex Systems: The BlackBerry Case 57:34

18y ago57:34

57:34

When trying to analyze a complex system for its security properties, very little information is available in the beginning. If the complex system in question contains parts that the analyst cannot see or touch, proprietary hardware and software as well as large scale server software, the task doesn't get any easier. The talk will tell the story abo…

1
Jeremy Rauch: PDB: The Protocol DeBugger 1:05:36

18y ago1:05:36

1:05:36

It's late. You've been assigned the unenviable task of evaluating the security of this obtuse application suite. 2006! Why doesn't everything just use SSL as its transport? No time for excuses. Deadlines loom, and you need to figure this out. And when you do figure it out, write your own fuzzer client. This sucks. (pdb) module add MyAction pdb-ruby…

1
Kimber Spradin and Dale Brocklehurst: Auditing Data Access Without Bringing Your Database To Its Knees 1:03:50

18y ago1:03:50

1:03:50

Today’s privacy requirements place significant additional auditing burdens on databases. First you have to know which databases in your environment contain regulated Personally Identifiable Information (PII) or Protected Health Information (PHI), then you have to monitor ALL activity surrounding that data-not just changes to it. In the world of dat…

1
Nicolas Fischbach: Carrier VoIP Security 1:05:36

18y ago1:05:36

1:05:36

VoIP, IMS, FMC, NGN, PacketCore, MPLS. Put those together and you are looking at the next security nightmare when it comes to Service Provider infrastructure security. Carriers are already moving away from basic data and VoIP services towards the Next Generation Network, where you have one Packet-based Core network which is going to carry "junk" In…

1
Johnny Long: Death By 1000 cuts 1:01:15

18y ago1:01:15

1:01:15

In this day and age, forensics evidence lurks everywhere. This talk takes attendees on a brisk walk through the modern technological landscape in search of hidden digital data. Some hiding places are more obvious than others, but far too many devices are overlooked in a modern forensics investigation. As we touch on each device, we'll talk about th…

1
Michael Sutton & Greg MacManus: Punk Ode - Hiding shellcode in plain sight 58:50

18y ago58:50

58:50

Injecting shellcode into a vulnerable program so you can find it reliably can be tricky. With image format vulnerabilities, sometimes the only place you can put your code is in the image itself. If a file attempting to exploit one of these vulnerabilities was rendered using a non-vulnerable application, the ‘strange’ files might raise some suspicio…

1
Zvi Gutterman: Open to Attack; Vulnerabilities of the Linux Random Number Generator 58:50

18y ago58:50

58:50

Linux® is the most popular open source project. The Linux random number generator is part of the kernel of all Linux distributions and is based on generating randomness from entropy of operating system events. The output of this generator is used for almost every security protocol, including TLS/SSL key generation, choosing TCP sequence numbers and…

1
HD Moore: Metasploit Reloaded 1:14:07

18y ago1:14:07

1:14:07

Over the last three years, the Metasploit Framework has evolved from a klunky exploit toolkit to a sleek EIP-popping machine. The latest version of the Framework is the result of nearly two years of development effort and has become a solid platform for security tool development and automation. In this talk, we will demonstrate how to use the new F…

1
Hacker Court Panel: Hacker Court 2006: Sex, Lies and Sniffers 1:08:55

18y ago1:08:55

1:08:55

Expertise in computer forensic technology means nothing if that expertise can’t be conveyed convincingly to a jury. Presenting technical evidence in a courtroom is a far cry from presenting a technical paper at Black Hat. Sure, a computer professional may understand the importance of full headers in tracing email origins, but a jury has no clue. Th…

1
Hacker Court Part 2: Hacker Court 2006: Sex, Lies and Sniffers 1:34:17

18y ago1:34:17

1:34:17

Part two: Expertise in computer forensic technology means nothing if that expertise can’t be conveyed convincingly to a jury. Presenting technical evidence in a courtroom is a far cry from presenting a technical paper at Black Hat. Sure, a computer professional may understand the importance of full headers in tracing email origins, but a jury has n…

1
Robert Auger and Caleb Sima: Zero Day Subscriptions: Using RSS and Atom feeds As Attack Delivery Systems 43:05

18y ago43:05

43:05

This presentation will discuss the use of RSS and Atom feeds as method of delivering exploits to client systems. In our research we have found a number of RSS clients, both local and web-based, that are far too trusting of the content that is delivered via feeds. Although this content arrives as well-formed XML, fundamentally it originated as user …

1
Melanie Rieback: RFID Malware Demystified 51:38

18y ago51:38

51:38

Radio Frequency Identification (RFID) malware, first introduced in my paper 'Is Your Cat Infected with a Computer Virus?', has raised a great deal of controversy since it was first presented at the IEEE PerCom conference on March 15, 2006. The subject received an avalanche of (often overzealous) press coverage, which triggered a flurry of both posi…

1
Scott Stender: Attacking Internationialized software 50:36

18y ago50:36

50:36

Every application, from a small blog written in PHP to an enterprise-class database, receives raw bytes, interprets these bytes as data, and uses the information to drive the behavior of the system. Internationalization support, which stretches from character representation to units of measurement, affects the middle stage: interpretation. Some sof…

1
Emmanuele Zambon: "NIDS, false positive reduction through anomaly detection" 48:40

18y ago48:40

48:40

The Achilles' heel of network IDSs lies in the large number of false positives (i.e., false attacks) that occur: practitioners as well as researchers observe that it is common for a NIDS to raise thousands of mostly false alerts per day. False positives are a universal problem as they affect both signature-based and anomaly-based IDSs. Finally, att…

1
Andrew Cushman: Microsoft Security Fundamentals - Engineering, Response and Outreach 57:13

18y ago57:13

57:13

You’ve heard about Trustworthy Computing and you’ve seen some security improvements from Microsoft. You may have wondered-"is this change real or is it just lip service?" You may also have asked yourself "self, why did they do that?" This presentation will give you an historical and current view of the changes Microsoft has made and our policies an…

1
Panel: Meet the Feds: OODA Loop and the Science of Security 48:34

18y ago48:34

48:34

The OODA Loop theory was conceived by Col John Boyd, AF fighter pilot. He believed that a pilot in a lethal engagement that could Observe, Orient, Decide, and Act (OODA) before his adversary had a better chance to survive. He considered air combat an art rather than a science. John Boyd proved air combat could be codified; for every maneuver there …

1
Charles Edge: Attacking Apple’s Xsan 16:19

18y ago16:19

16:19

A fundamental of many SAN solutions is to use metadata to provide shared access to a SAN. This is true in iSCSI or FibreChannel and across a wide variety of products. Metadata can offer a way around the built-in security features provided that attackers have FibreChannel connectivity. SAN architecture represents a symbol of choosing speed over secu…

1
Yuan Fan and Xiao Rong: MatriXay-When Web App & Database Security Pen-Test/Audit Is a Joy 21:40

18y ago21:40

21:40

This topic will present a new web-app/DB pen-test tool. This tool supports both proxy (passive) mode as well as direct URL targeting. It is a mixed Web App SQL Injection systematic pen-test and WebApp/Database scanner/auditing-style tool and supports most popular databases used by web applications such as Oracle, SQL Server, Access and DB2. It has …

1
Jeremiah Grossman: Hacking Intranet websites from the outside: Malware just got a lot more dangerous 54:51

18y ago54:51

54:51

Imagine you’re visiting a popular website and invisible JavaScript exploit code steals your cookies, captures your keystrokes, and monitors every web page that you visit. Then, without your knowledge or consent, your web browser is silently hijacked to transfer out bank funds, hack other websites, or post derogatory comments in a public forum. No t…

1
Lukas Grunwald: "New Attack to RFID-Systems and their Middle ware and Backends" 40:09

18y ago40:09

40:09

This talk provides an overview of new RFID technologies used for dual-interface cards (credit cards, ticketing and passports), and RFID tags with encryption and security features. Problems and attacks to these security features are discussed and attacks to these features are presented. After dealing with the tags, an overview to the rest of an RFID…

1
Dino Dai Zovi: Hardware Virtualization Based Rootkits 50:10

18y ago50:10

50:10

Hardware-supported CPU virtualization extensions such as Intel's VT-x allow multiple operating systems to be run at full speed and without modification simultaneously on the same processor. These extensions are already supported in shipping processors such as the Intel® Core Solo and Duo processors found in laptops released in early 2006 with avail…

1
Alexander Sotirov: Hotpatching and the Rise of Third-Party Patches 56:25

18y ago56:25

56:25

Hotpatching is a common technique for modifying the behavior of a closed source applications and operating systems. It is not new, and has been used by old-school DOS viruses, spyware, and many security products. This presentation will focus on one particular application of hotpatching: the development of third-party security patches in the absence…

1
John Lambert: Security Engineering in Windows Vista 48:19

18y ago48:19

48:19

This presenation will offer a technical overview of the security engineering process behind Windows Vista. Windows Vista is the first end-to-end major OS release in the Trustworthy Computing era from Microsoft. Come see how we’ve listened to feedback from the security community and how we’ve changed how we engineer our products as a result. The tal…

1
Chris Eng: Breaking Crypto Without Keys: Analyzing Data in Web Applications 1:00:01

18y ago1:00:01

1:00:01

How often have you encountered random-looking cookies or other data in a web application that didn‚t easily decode to human readable text? What did you do next-ignore it and move on, assuming that it was encrypted data and that brute forcing the key would be infeasible? At the end of the test, when the application developer informed you that they w…

1
Tom Brosch and Maik Morgenstern: Runtime Packers: The Hidden Problem? 20:09

18y ago20:09

20:09

"Runtime packers are a widely-used technique in malware today. Virtually every Win32 malware added to the WildList as well as ad- and spyware is packed with one or another runtime packer. Not only can they turn older malware into new threats again, but they might also prevent AV vendors from using more generic approaches and therefore requiring mor…

1
Tom Ptacek and Dave Goldsmith: Do Enterprise Management Applications Dream of Electric Sheep? 59:50

18y ago59:50

59:50

Thomas Ptacek and Dave Goldsmith present the results of Matasano Security's research into the resilience of Enterprise Agents: the most dangerous programs you've never heard of, responsible for over $2B a year in product revenue, running on the most critical enterprise servers from app servers to mainframes. WHY THIS TALK? 1. Enterprise Agents are …

1
David Litchfield : All New Zero Day 45:14

18y ago45:14

45:14

David Litchfield specializes in searching for new threats to database systems and web applications. He has lectured to both British and U.S. government security agencies on database security and is a regular speaker at the Blackhat Security Briefings. He is a co-author of "The Database Hacker's Handbook", "The Shellcoder's Handbook", "SQL Server Se…

1
David Endler: Hacking VOIP Exposed 1:02:39

18y ago1:02:39

1:02:39

Lately there seems to be an explosion of press hype around the possibility of hackers exploiting Voice-over-IP networks and services (Skype, Vonage, etc.). VoIP Spam, Caller ID Spoofing, Toll Fraud, VoIP Phishing, Eavesdropping, and Call Hijacking are just some of the terms being thrown around that seem to cause a fair share of fear and uncertainty…

1
Neal Krawetz (Dr): You are what you type: No classical computer forensics 47:47

18y ago47:47

47:47

In an online world, anonymity seems easy. Network addresses can be cloaked and files can be manipulated. People rapidly change virtual names, genders, and skills. But even with these precautions, anti-anonymity techniques can track people. Habitual patterns and learned skills are subtle, appearing in everything we type. This presentation discusses …

1
Ofir Arkin: Bypassing Network Access Control (NAC) Systems 51:17

18y ago51:17

51:17

The threat of viruses, worms, information theft and lack of control of the IT infrastructure lead companies to implement security solutions to control the access to their internal IT networks. A new breed of software (Sygate, Microsoft, etc.) and hardware (Cisco, Vernier Networks, etc.) solutions from a variety of vendors has emerged recently. All …

1
Bruce Potter: The Trusted Computing Revolution 44:41

18y ago44:41

44:41

Trusted computing is considered a dirty word by many due to its use for Digital Rights Management (DRM). There is a different side of trusted computing, however, that can solve problems information security professionals have been attempting to solve for more than three decades. Large scale deployment of trusted computing will fundamentally change …

1
Dan Kaminsky: Black Ops 2006 1:00:27

18y ago1:00:27

1:00:27

The known topics for this year include: 1. The Worldwide SSL Analysis-There's a major flaw in the way many, many SSL devices operate. I'll discuss how widespread this flaw is, as well as announce results from this worldwide SSL scan. 2. Syntax Highlighting...on Hexdumps. Reverse Engineering efforts often require looking at hex dumps-without much co…

1
Halvar Flake: RE 2006: New Challenges Need Changing Tools 45:20

18y ago45:20

45:20

Reverse Engineering has come a long way-what used to be practiced behind closed doors is now a mainstream occupation practiced throughout the security industry. Compilers and languages are changing, and the reverse engineer has to adapt: Nowadays, understanding C and the target platform assembly language is not sufficient any more. Too many reverse…

1
Pete Finnigan: How to Unwrap Oracle PL/SQL 53:53

18y ago53:53

53:53

PL/SQL is the flagship language used inside the Oracle database for many years and through many versions to allow customers to implement their business rules and logic. Oracle has recognized that it is necessary for customers to protect their intellectual property coded in PL/SQL and has provided the wrap program. The wrapping mechanism has been cr…

1
Hendrik Scholz: SIP Stack Fingerprinting and stack difference attacks 51:21

18y ago51:21

51:21

VoIP applications went mainstream, although the underlying protocols are still undergoing constant development. The SIP protocol being the main driver behind this has been analyzed, fuzzed and put to the test before, but interoperability weaknesses still yield a large field for attacks. This presentation gives a short introduction to the SIP protoc…

1
Mariusz Burdach: Physical Memory Forensics 44:48

18y ago44:48

44:48

Historically, only file systems were considered as locations where evidence could be found. But what about the volatile memory which contains a huge amount of useful information such as the content of clipboards or the SAM database? How long can volatile data stay in the main memory? What about anti-forensic methods of defeating disk forensic and i…

1
Jesse Burns: Fuzzing Selected Win32 Interprocess Communication Mechanisms 1:05:33

18y ago1:05:33

1:05:33

This presentation prepares attackers and defenders to perform automated testing of some popular Windows® interprocess communication mechanisms. The testing will focus on binary win32 applications, and will not require source code or symbols for the applications being tested. Attendees will be briefly introduced to several types of named securable W…

1
SensePost: A Tale of Two Proxies 40:52

18y ago40:52

40:52

During this presentation SensePost will discuss and demonstrate two pieces of new technology - the Suru WebProxy and the SP_LR Generic network proxy. The Suru web proxy is an inline web proxy (the likes of Paros, @stake webproxy and Webscarab) and offers the analyst unparalleled functionality. Are the days of the web proxy counted? Is there really …

1
Dan Larkin: Keynote: Fighting Organized Cyber Crime - War Stories and Trends 54:41

18y ago54:41

54:41

As one of the pioneers of partnerships for the FBI, Dan Larkin of the FBI’s Cyber Division will outline how the FBI has taken this concept from rhetoric to reality over the past 5 years. This presentation will explore how the mantra "make it personal" has aided the FBI in forging exceptional alliances with key stake holders from industry, academia …

1
Saumil Udayan Shah: Writing Metasploit Plugins - from Vulnerability to Exploit 1:15:11

18y ago1:15:11

1:15:11

This talk shall focus on exploit development from vulnerabilities. We have seen many postings on security forums which vaguely describe a vulnerability, or sometimes provide a "proof-of-concept" exploit. The Metasploit Framework is a powerful tool to assist in the process of vulnerability testing and exploit development. The framework can also be u…

1
Bala Neerumalla: SQL Injections by truncation 28:17

18y ago28:17

28:17

In this talk, I will discuss some ways to circumvent common mitigations of SQL Injection vulnerabilities in dynamic SQL. I will then suggest ways to protect against them. Bala Neerumalla specializes in finding application security vulnerabilities. He worked as a security engineer for SQL Server 2000 and SQL Server 2005. He is currently working as a…

1
Jay Schulman: Phishing with Asterisk PBX 48:51

18y ago48:51

48:51

As many people are becoming more accustom to phishing attacks, standard website and e-mail phishing schemes are becoming harder to accomplish. This presentation breaks all of the phishing norms to present an effective, alternative phishing method from start to finish in 75 minutes using Linux and Asterisk, the open-source PBX platform. With an Aste…

1
Kevin Mandia: The State of Incidence Response 1:08:14

18y ago1:08:14

1:08:14

During the course of 2005 and 2006, we have responded to dozens of computer security incidents at some of America’s largest organizations. Mr. Mandia was on the front lines assisting these organizations in responding to international computer intrusions, theft of intellectual property, electronic discovery issues, and widespread compromise of sensi…

1
Shawn Embleton, Sherri Sparks & Ryan Cunningham: "Sidewinder": An Evolutionary Guidance System for Malicious Input Crafting 1:14:21

18y ago1:14:21

1:14:21

Black box testing techniques like fuzzing and fault injection are responsible for discovering a large percentage of reported software vulnerabilities. These techniques typically operate by injecting random or semi random input into a program and then monitoring its output for unexpected behavior. While their high potential for automation makes them…

1
Johnny cache and David Maynor: Device Drivers 57:16

18y ago57:16

57:16

Application level security is getting better. Basic stack based string overflows have become rare, and even simple heap overflows are getting hard to find. Despite this fact there is still a huge avenue of exploitation that has not been tapped yet: device drivers. Although they don’t sound very interesting, they are full of simple security programm…

1
Paul Böhm: Taming Bugs: The Art and Science of Writing Secure Code 1:06:39

18y ago1:06:39

1:06:39

If you give a thousand programmers the same task and the same tools, chances are a lot of the resulting programs will break on the same input. Writing secure code isn't just about avoiding bugs. Programming is as much about People as it is about Code and Techniques. This talk will look deeper, beyond the common bug classes, and provide explanations…

1
Panel: Center for Democracy and Technology Anti-Spyware Coalition Public Forum on Corporate Spyware Threats 2:16:08

18y ago2:16:08

2:16:08

This session will examine the threat of spyware to corporations. What does the threat currently look like and how is it evolving? What market forces are at play? How big of a threat is spyware for corporations now and in five years? What countermeasures work now and in the future? How are regulators working to combat this threat?…

1
Alexander Kornbrust: Oracle Rootkits 2.0 43:03

18y ago43:03

43:03

This presentation shows the next (2.) generation of Oracle Rootkits. In the first generation, presented at the Blackhat 2005 in Amsterdam, Oracle Rootkits were implemented by modifying database views to hide users, jobs and sessions. The next generation presented at the BH USA is using more advanced techniques to hide users/implement backdoors. Mod…

1
Doug Mohney: Defending Against Social Engineering with Voice Analytics 45:56

18y ago45:56

45:56

Voice analytics-once the stuff of science fiction and Echelon speculation-is now commercially available and is being used by call centers processing hundreds of thousands of calls per day to authenticate identity, spot key words and phrases, and even detect when a caller is angry or frustrated. It is also being used by large financial institutions …

Podcasts Worth a Listen

Marcos Franco Podcasts

Podcasts Worth a Listen

Quick Reference Guide