Home

DC2711 Presentations
We have a fantastic lineup of international and local speakers for this years dc2711. Find out more below:

This year, we have 2 major international Keynote speakers

- Jayson Street - OPENING KEYNOTE

- Alexandre Borges - CLOSING KEYNOTE

Time Presenter Image Presenter Name Presentation Title Abstract

10:00 - 10:10 Dino Covotsos Opening and introduction to DC2711

10:10 - 11:00 Jayson Street I PWN thee, I PWN thee not! Attackers love it when defenses fail. Implementing defenses without properly understanding the risks and threats is usually a waste of money and resources. This is a frank discussion of what control failures an attacker looks for when attempting to breach an enterprise, as well as how an effective control can help prevent an attacker from being successful. Jayson will walk through real-world scenarios that have led to successful compromise of different companies through control failures. He will also give detailed analysis of controls that led to his attacks being effectively thwarted. Learn how to understand and assess real-world risks, as well as simple defenses which can be implemented to better protect your organization. With a 95% chance of not using any fireworks or minor explosives Jayson will thrill the audience with ways to better defend their networks from criminals, nation states and Suzy in accounting! Come for the Explosive hyperbole but stay for the hugs!

11:00 - 11:15 BREAK

11:15 - 12:00 Sibusiso Sishi An investigation of the effectiveness of passwords derived from African languages Password authentication has become ubiquitous in the cyber age. To-date, there have been several studies on country based passwords by authors who studied, amongst others, English, Finnish, Italian and Chinese based passwords. However, there has been a lack of focused study on the type of passwords that are being created in Africa and whether there are benefits in creating passwords in an African language.For this research, password databases containing LAN Manager (LM) and NT LAN Manager (NTLM) hashes extracted from South African organisations in a variety of sectors in the economy, were obtained to gain an understanding of user behaviour in creating passwords. Analysis of the passwords obtained from these hashes (using several cracking methods) showed that many organizational passwords are based on the English language. This is understandable considering that the business language in South Africa is English even though South Africa has 11 official languages.African language based passwords were derived from known English weak passwords and some of the passwords were appended with numbers and special characters. The African based passwords created using eight Southern African languages were then uploaded to the Internet to test the security around using passwords based on African languages. Since most of the passwords were able to be cracked by third party researchers, we conclude that any password that is derived from known weak English words marked no improvement in the security of a password written in an African language, especially the more widely spoken languages, namely, isiZulu, isiXhosa and Setswana.

12:00 - 12:30 Amy Mania Put Words In My Mouth Money has been withdrawn from your account. You don't remember making, or authorising that transaction. When you follow up with the bank, they say you called earlier and requested the transfer - it was, after-all, you speaking - right? Unbeknownst to you, your voice was stolen, and so was your money. With the rise of voice authentication biometrics, so will the opportunities to spoof it. Text-to-Speech API's are constantly improving, with Google's technology now being indistinguishable from the real human speaker. Threat actors have access to a target's YouTube videos, social media posts. Even more invasive channels are certain vulnerable IoT devices, littered throughout homes and offices. Social media posts and IoT's allow threat actors to listen to your voice, capture and then manipulate it (all using free online tools). So what exactly can be done with a 'stolen' voice? This research explores the possibilities of banking fraud, by using voice-spoofing to bypass authentication and withdraw funds.

12:30 - 1:30 LUNCH BREAK

1:30 - 2:20 Adrian and Jacqui How To Be A Successful Hacktivist In 2020 This talk is the result of a 5 year shared journey that began in 2014 with the launch of the Eden Office of Cyber Security when Jacqui and Adrian first met. Later, the pair went on to co-found the Garden Route Defcon group, DC2744 and more recently the Cyber Awareness Institute of South Africa. Through an unorthodox approach to story-telling, they will introduce you to Cypha Red-Eye who offers his unique perspective into the world of hacking and infosec. Through him, you will discover how the pair became incidental hacktivists this year and the three key ingredients that they foresee as critical to hacktivism success in 2020. When asked to comment on their presentation, the duo had this to say: "The world as we know it is changing and continues to change at a speed that even the minds of the hacker elite among us may struggle to keep up with. No one can predict the future but we can create it, and those who aspire to hack the system and champion a cause can position themselves for success."

The speakers unpack what this means for you in 2020, in under 50 minutes.

2:20 - 3:00 Veronica Schmitt The Autopsy of the PHOENIX X36 Hemodialysis System Medical Device Security is a new buzz word. This is the new kid on the block. Everyone wants to hack a medical device. This talk focuses on another area that has yet to be developed. Digital Forensics and Incident Response is often forgotten when it comes to medical devices. This talk sheds light on research I've done to determine whether DFIR is viableble on them currently. By reverse engineering the firmware and system artifacts of the Hemodialysis system, various artifacts have been identified which can be useful to determine whether the device has failed or if it has potentially been tampered with. Let me take you on a journey of a Post-Mortem of a medical device, delve into the hexadecimal world that it is made up of.

3:00 - 3:15 BREAK

3:15 - 4:05 Alexandre Borges Advanced Malware: rootkits, .NET and BIOS/UEFI threats. Malware threats are the current and critical cyber security concern around the world. Every single day, many companies are stroke by digital threats through malicious documents or phishing, having their systems infected and causing a huge loss of money. Indeed, ransomware represent a serious problem, but they are visible threats. In the other side, rootkits and bootkits are really lethal because they infect and work under the radar, circumvent the usual defenses, take the system control and, mainly, steal valuable information. The question is: how can we fight against an enemy that we can't see? This presentation aims to explain some details about malware attack and protections.

4:05 - 4:10 Dino Covotsos Closing and thanks

4:30 - 6:30 HACKERS the movie

Time	Presenter Image	Presenter Name	Presentation Title	Abstract
10:00 - 10:10	Dino Covotsos	Opening and introduction to DC2711
10:10 - 11:00		Jayson Street	I PWN thee, I PWN thee not!	Attackers love it when defenses fail. Implementing defenses without properly understanding the risks and threats is usually a waste of money and resources. This is a frank discussion of what control failures an attacker looks for when attempting to breach an enterprise, as well as how an effective control can help prevent an attacker from being successful. Jayson will walk through real-world scenarios that have led to successful compromise of different companies through control failures. He will also give detailed analysis of controls that led to his attacks being effectively thwarted. Learn how to understand and assess real-world risks, as well as simple defenses which can be implemented to better protect your organization. With a 95% chance of not using any fireworks or minor explosives Jayson will thrill the audience with ways to better defend their networks from criminals, nation states and Suzy in accounting! Come for the Explosive hyperbole but stay for the hugs!
11:00 - 11:15	BREAK
11:15 - 12:00		Sibusiso Sishi	An investigation of the effectiveness of passwords derived from African languages	Password authentication has become ubiquitous in the cyber age. To-date, there have been several studies on country based passwords by authors who studied, amongst others, English, Finnish, Italian and Chinese based passwords. However, there has been a lack of focused study on the type of passwords that are being created in Africa and whether there are benefits in creating passwords in an African language.For this research, password databases containing LAN Manager (LM) and NT LAN Manager (NTLM) hashes extracted from South African organisations in a variety of sectors in the economy, were obtained to gain an understanding of user behaviour in creating passwords. Analysis of the passwords obtained from these hashes (using several cracking methods) showed that many organizational passwords are based on the English language. This is understandable considering that the business language in South Africa is English even though South Africa has 11 official languages.African language based passwords were derived from known English weak passwords and some of the passwords were appended with numbers and special characters. The African based passwords created using eight Southern African languages were then uploaded to the Internet to test the security around using passwords based on African languages. Since most of the passwords were able to be cracked by third party researchers, we conclude that any password that is derived from known weak English words marked no improvement in the security of a password written in an African language, especially the more widely spoken languages, namely, isiZulu, isiXhosa and Setswana.
12:00 - 12:30		Amy Mania	Put Words In My Mouth	Money has been withdrawn from your account. You don't remember making, or authorising that transaction. When you follow up with the bank, they say you called earlier and requested the transfer - it was, after-all, you speaking - right? Unbeknownst to you, your voice was stolen, and so was your money. With the rise of voice authentication biometrics, so will the opportunities to spoof it. Text-to-Speech API's are constantly improving, with Google's technology now being indistinguishable from the real human speaker. Threat actors have access to a target's YouTube videos, social media posts. Even more invasive channels are certain vulnerable IoT devices, littered throughout homes and offices. Social media posts and IoT's allow threat actors to listen to your voice, capture and then manipulate it (all using free online tools). So what exactly can be done with a 'stolen' voice? This research explores the possibilities of banking fraud, by using voice-spoofing to bypass authentication and withdraw funds.
12:30 - 1:30	LUNCH BREAK
1:30 - 2:20		Adrian and Jacqui	How To Be A Successful Hacktivist In 2020	This talk is the result of a 5 year shared journey that began in 2014 with the launch of the Eden Office of Cyber Security when Jacqui and Adrian first met. Later, the pair went on to co-found the Garden Route Defcon group, DC2744 and more recently the Cyber Awareness Institute of South Africa. Through an unorthodox approach to story-telling, they will introduce you to Cypha Red-Eye who offers his unique perspective into the world of hacking and infosec. Through him, you will discover how the pair became incidental hacktivists this year and the three key ingredients that they foresee as critical to hacktivism success in 2020. When asked to comment on their presentation, the duo had this to say: "The world as we know it is changing and continues to change at a speed that even the minds of the hacker elite among us may struggle to keep up with. No one can predict the future but we can create it, and those who aspire to hack the system and champion a cause can position themselves for success." The speakers unpack what this means for you in 2020, in under 50 minutes.
2:20 - 3:00		Veronica Schmitt	The Autopsy of the PHOENIX X36 Hemodialysis System	Medical Device Security is a new buzz word. This is the new kid on the block. Everyone wants to hack a medical device. This talk focuses on another area that has yet to be developed. Digital Forensics and Incident Response is often forgotten when it comes to medical devices. This talk sheds light on research I've done to determine whether DFIR is viableble on them currently. By reverse engineering the firmware and system artifacts of the Hemodialysis system, various artifacts have been identified which can be useful to determine whether the device has failed or if it has potentially been tampered with. Let me take you on a journey of a Post-Mortem of a medical device, delve into the hexadecimal world that it is made up of.
3:00 - 3:15	BREAK
3:15 - 4:05		Alexandre Borges	Advanced Malware: rootkits, .NET and BIOS/UEFI threats.	Malware threats are the current and critical cyber security concern around the world. Every single day, many companies are stroke by digital threats through malicious documents or phishing, having their systems infected and causing a huge loss of money. Indeed, ransomware represent a serious problem, but they are visible threats. In the other side, rootkits and bootkits are really lethal because they infect and work under the radar, circumvent the usual defenses, take the system control and, mainly, steal valuable information. The question is: how can we fight against an enemy that we can't see? This presentation aims to explain some details about malware attack and protections.
4:05 - 4:10	Dino Covotsos	Closing and thanks
4:30 - 6:30	HACKERS the movie