Friday, January 20, 2023
Time One Track Mind
1200 Registration Opens
1400

Opening Remarks, Rumblings, Ruminations, and Rants
1530 Open Source Software — Y U No Secure?

Aeva Black
1600 How to Use Sauteed Onion to Get to the Taste of Website You Want

Paul Syverson
1630 Ya Got Trouble (And SLSA May Help)

Nicole Schwartz
1700 Big Tech Whistleblowers: Transparency, Accountability, and the Power of the Press

Libby Liu
1730 Social Engineering from the Detective Perspective

Tom Howard
1800 Hacker Law for Hackers

Harley Geiger
1845 Registration Closes
2000

Firetalks

Saturday, January 21, 2023
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000 Mr. Radar: Layer 1 Recon

Jason Baird

 Les Miserable Persistence: Hunting Through Scheduled Tasks

Brandon DeVault

 Media Effects Used in Influence Operations

Krassimir Tzvetanov
1100 A Mask ROM Tool in Qt6 and C++

Travis Goodspeed

 Escalating Attack and Defense on Cloud-based Kubernetes — The Difference Between a Container and a Pod is a Pod can Begin an Adventure!

Jay Beale

 The UN Cybercrime Treaty: The One Treaty to Rule All the Hacking Laws

Kurt Opsahl
1200 Dit Dit-Dah-Dit: The Evolution of Cellular Networks

Tracy Mosley

 Putting on a Big Show: Defending by Attacking Attacker Incentives

Jacob Torrey

 An Insight into Railway Security

Brian Butterly
1300 Break
1400 Phantom of the Pipeline — Abusing Self-Hosted CI/CD Runners

Adnan Khan, Mason Davis, and Matt Jackoski

 Riverside: A Network Security Visualization Tool

Kaitlyn DeValk

 The Song Must NOT Go On

Christopher Forte
1430 The Un-parsing Manifesto: Reconnecting our Corpus Callosum

Falcon Darkstar Momot

 US Covid19 Immunization Credentials + Privacy-friendly QR Codes for Identity

Christian Paquin
1500 How to Save Your SOC from Stagnation

Carson Zimmerman

 How I Scanned the Internet for NSA Compromised Firewalls

nobletrout

 Catching Chinese Actors — A Game of Cat and Mouse

Mao Sui
1515 The OSINT Game that Reveals Hidden Helicopters of DC

Andrew Logan
1530 Bringing the Curtain Down on Flash Protection in Obscure Microcontrollers through Fault Injection

Christopher Hewitt

 Parkalot — Using Parking Apps Like Traditional Meters Using License Plate Validation Loopholes

Michael Rudden

 You and Me (But Mostly Me)

Jesika McEvoy
1545 No, Really, The Gerasimov Doctrine Doesn’t Exist

Dylan Hoffmann
1600 OpenSecurityTraining2: Free Deep-Technical Training

Xeno Kovah

 The Perfect Resume For Entry-Level Infosec

Space Rogue (C. Thomas)

 Textiles and Technology

Amanda Draeger
1630 From the Keyboards, Through the Walls, Got Implant Shells for Y’all

Jonathan Fischer

 Hide Your Valuables — Mitigating Physical Credential Dumping Attacks

Gabriel Landau and Mark Mager

 Congratulations! You Found a Security Vulnerability in an Open Source Project! Now What?

Madison Oliver and Jonathan Leitschuh
1700 0wn the Con

The Shmoo Group

 I Spy a Spy: Degrading Advanced Phishing Campaigns Against Your Organization and Clients

Joe Oney

 Inglourious Drivers — The Revenge of the Peripheral Devices

Omer Tsarfati
1815 Registration Closes
2100

Saturday Night

Sunday, January 22, 2023
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000 Mainframe Hacking for CICS and Giggles

Jan Nunez and Jay Smith

 REveal: Unmasking Malware’s True Identity

Scott Young

 Telegram, Translations, and Twitter: How a Covert Russian Disinformation Effort Is Bypassing Censorship and Targeting Global Audiences

Patricia Bailey
1100 It Must Be Nice to Have Washington on Your Side: Unlinking Binaries on the DARPA Assured Micropatching Program

evm, Joshua Bailey, Robert Barr, Amanda Lee, and Jonah Schimpf

 Hacking ISPs with PPPoE

Gal Zror

 Under Pressure: Balancing Privacy Breach Notification with Incident Response

Kelly Ohlert
1200 Escaping the Tar Pit and Securing the Supply Chain

Kasimir Schulz

 The UEFI Threat — Or How I Can “Permanently” Brick Your Computer

Paul Asadoorian

 Large-Scale Infiltration and Monitoring of C&C Servers

Jonathan Fuller
1300 Closing Plenary: OK, So What IS Working?

Mark Manning, Tina Velez, SPAM, and Bruce Potter (moderator)
1400

Closing Remarks
1500 End of Con – See You Next Year!