Friday, January 20, 2023
Time One Track Mind
1200 Registration Opens

Opening Remarks, Rumblings, Ruminations, and Rants

1530 Open Source Software — Y U No Secure?

Aeva Black

1600 How to Use Sauteed Onion to Get to the Taste of Website You Want

Paul Syverson

1630 Ya Got Trouble (And SLSA May Help)

Nicole Schwartz

1700 Big Tech Whistleblowers: Transparency, Accountability, and the Power of the Press

Libby Liu

1730 Social Engineering from the Detective Perspective

Tom Howard

1800 Hacker Law for Hackers

Harley Geiger

1845 Registration Closes


Saturday, January 21, 2023
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000 Mr. Radar: Layer 1 Recon

Jason Baird

Les Miserable Persistence: Hunting Through Scheduled Tasks

Brandon DeVault

Media Effects Used in Influence Operations

Krassimir Tzvetanov

1100 A Mask ROM Tool in Qt6 and C++

Travis Goodspeed

Escalating Attack and Defense on Cloud-based Kubernetes — The Difference Between a Container and a Pod is a Pod can Begin an Adventure!

Jay Beale

The UN Cybercrime Treaty: The One Treaty to Rule All the Hacking Laws

Kurt Opsahl

1200 Dit Dit-Dah-Dit: The Evolution of Cellular Networks

Tracy Mosley

Putting on a Big Show: Defending by Attacking Attacker Incentives

Jacob Torrey

An Insight into Railway Security

Brian Butterly

1300 Break
1400 Phantom of the Pipeline — Abusing Self-Hosted CI/CD Runners

Adnan Khan, Mason Davis, and Matt Jackoski

Riverside: A Network Security Visualization Tool

Kaitlyn DeValk

The Song Must NOT Go On

Christopher Forte

1430 The Un-parsing Manifesto: Reconnecting our Corpus Callosum

Falcon Darkstar Momot

US Covid19 Immunization Credentials + Privacy-friendly QR Codes for Identity

Christian Paquin

1500 How to Save Your SOC from Stagnation

Carson Zimmerman

How I Scanned the Internet for NSA Compromised Firewalls


Catching Chinese Actors — A Game of Cat and Mouse

Mao Sui

1515 The OSINT Game that Reveals Hidden Helicopters of DC

Andrew Logan

1530 Bringing the Curtain Down on Flash Protection in Obscure Microcontrollers through Fault Injection

Christopher Hewitt

Parkalot — Using Parking Apps Like Traditional Meters Using License Plate Validation Loopholes

Michael Rudden

You and Me (But Mostly Me)

Jesika McEvoy

1545 No, Really, The Gerasimov Doctrine Doesn’t Exist

Dylan Hoffmann

1600 OpenSecurityTraining2: Free Deep-Technical Training

Xeno Kovah

The Perfect Resume For Entry-Level Infosec

Space Rogue (C. Thomas)

Textiles and Technology

Amanda Draeger

1630 From the Keyboards, Through the Walls, Got Implant Shells for Y’all

Jonathan Fischer

Hide Your Valuables — Mitigating Physical Credential Dumping Attacks

Gabriel Landau and Mark Mager

Congratulations! You Found a Security Vulnerability in an Open Source Project! Now What?

Madison Oliver and Jonathan Leitschuh

1700 0wn the Con

The Shmoo Group

I Spy a Spy: Degrading Advanced Phishing Campaigns Against Your Organization and Clients

Joe Oney

Inglourious Drivers — The Revenge of the Peripheral Devices

Omer Tsarfati

1815 Registration Closes

Saturday Night

Sunday, January 22, 2023
Time Build It! Belay It! Bring it On!
0930 Registration Opens
1000 Mainframe Hacking for CICS and Giggles

Jan Nunez and Jay Smith

REveal: Unmasking Malware’s True Identity

Scott Young

Telegram, Translations, and Twitter: How a Covert Russian Disinformation Effort Is Bypassing Censorship and Targeting Global Audiences

Patricia Bailey

1100 It Must Be Nice to Have Washington on Your Side: Unlinking Binaries on the DARPA Assured Micropatching Program

evm, Joshua Bailey, Robert Barr, Amanda Lee, and Jonah Schimpf

Hacking ISPs with PPPoE

Gal Zror

Under Pressure: Balancing Privacy Breach Notification with Incident Response

Kelly Ohlert

1200 Escaping the Tar Pit and Securing the Supply Chain

Kasimir Schulz

The UEFI Threat — Or How I Can “Permanently” Brick Your Computer

Paul Asadoorian

Large-Scale Infiltration and Monitoring of C&C Servers

Jonathan Fuller

1300 Closing Plenary: OK, So What IS Working?

Mark Manning, Tina Velez, SPAM, and Bruce Potter (moderator)


Closing Remarks

1500 End of Con – See You Next Year!