Threat Level: green Handler on Duty: Russ McRee

SANS ISC Internet Storm Center


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Latest Diaries

VMware security advisory: VMSA-2014-0010 http://www.vmware.com/security/advisories/VMSA-2014-0010.html
ISC StormCast for Wednesday, October 1st 2014 http://isc.sans.edu/podcastdetail.html?id=4171

DerbyCon highlights

Published: 2014-09-30
Last Updated: 2014-09-30 23:59:56 UTC
by Russ McRee (Version: 1)
0 comment(s)

I had the pleasure of attending DerbyCon 4.0 (Family Rootz) this past Friday and Saturday and can tell you that if you haven't already attended yourself, plan to do so next year. Aside from the smaller and more encompassing "family" feel, an intentional and protected approach strongly advocated for by @HackingDave and the great @DerbyCon team, you'll also be contributing to Hackers For Charity (HFC). For those of you who couldn't attend but are interested in some of the outstanding content, Adrian Crenshaw (@irongeek_adc) and his team always shoot video of each presentation. For DerbyCon 4.0 they've posted the videos to the Irongeek site here.  

There are so many great talks to choose from but I'll share a few that really resonated with me given current interest or focus areas:

Attacking Microsoft Kerberos: Kicking the Guard Dog of Hades - Tim Medin
Abusing Active Directory in Post-ExploitationCarlos Perez
Ball and Chain (A New Paradigm in Stored Password Security)Benjamin Donnelly and Tim Tomes
Third Party Code: FIX ALL THE THINGSKymberlee Price and Jake Kouns

You should also, in the simple name of humanity, watch Johnny Long's keynote, Hackers saving the world from the zombie apocalypse.

Great conference, great people, great presentations; take the time to watch as many of the videos as possible, and see if you can get a ticket next year when DerbyCon comes around again.

Keywords:
0 comment(s)
ISC threat level returned to green - ShellShock message traffic subsiding, recommend focus on patching and monitoring
ISC StormCast for Tuesday, September 30th 2014 http://isc.sans.edu/podcastdetail.html?id=4169

If you have more information or corrections regarding our diary, please share.

Recent Diaries

DerbyCon highlights
published 17 hours ago by Russ McRee (0 comments)

Shellshock: Updated Webcast (Now 6 bash related CVEs!)
published 1 day ago by Dr. J. (0 comments)

Shellshock: A Collection of Exploits seen in the wild
published 2 days ago by Dr. J. (7 comments)

Shellshock: We are not done yet CVE-2014-6277, CVE-2014-6278
published 2 days ago by Dr. J. (0 comments)

Shellshock: Vulnerable Systems you may have missed and how to move forward
published 2 days ago by Dr. J. (2 comments)

What has Bash and Heartbleed Taught Us?
published 3 days ago by Guy (1 comment)

Why We Have Moved to InfoCon:Yellow
published 4 days ago by Richard (5 comments)

Webcast Briefing: Bash Code Injection Vulnerability
published 5 days ago by Dr. J. (7 comments)

Update on CVE-2014-6271: Vulnerability in bash (shellshock)
published 6 days ago by Dr. J. (24 comments)

Attention *NIX admins, time to patch!
published 1 week ago by Pedro (7 comments)

View All Diaries →

Latest Discussions

SSH Bruteforce Uptick Anyone?
created 1 day ago by Philip (0 replies)

XSS vulnerability in opencms v9.0.1 workplace
created 1 week ago by Murali (0 replies)

RSS feeds broken in Sage
created 4 weeks ago by Madmanguruman (0 replies)

Brown Breach.. . UPS
created 1 month ago by ICI2Eye (0 replies)

So, how dead is antivirus exactly?
created 1 month ago by Safensoft (3 replies)

View All Forums →

Latest News

View All News →