SyScan'14 Speaker - Joxean Koret
Posted 04:51 PM Feb 14
Topic:
"Breaking Anti-Virus Software"
 |
| Joxean Koret |
Joxean Koret has been working for the past 14 years in many different computing areas. He started working as database software developer and DBA for a number of different RDBMS. Afterwards he got interested in reverse engineering and applied this knowdlege to the DBs he was working with, for which he has discovered dozens of vulnerabilities in products from the major database vendors, specially in Oracle software. He also worked in other security areas like malware analysis and anti-malware software development for an Antivirus company or developing IDA Pro at Hex-Rays. He is currently a security researcher in Coseinc.
SyScan'14 Speaker - Corey Kallenberg, Xeno Kovah, John Butterworth & Sam Cornwell
Posted 04:49 PM Feb 14
Topic:
"Setup for Failure: Defeating SecureBoot"
 |
| Corey Kallenberg |
Corey Kallenberg is a security researcher for The MITRE Corporation who has spent several years investigating operating system and firmware security on Intel computers. In 2012 he coauthored work presented at DEFCON and IEEE S&P on using timing based attestation to detect Windows kernel hooks. In 2013 he helped discover critical problems with current implementations of the Trusted Computing Group's "Static Root of Trust for Measurement" and co-presented this work at NoSuchCon and Blackhat USA. Later, he discovered several vulnerabilities which allowed bypassing of "signed BIOS enforcement" on a number of systems, allowing an attacker to make malicious modifications to the platform firmware. These attacks were presented at EkoParty, HITB, and PacSec.
 |
| Xeno Kovah |
Xeno is a Lead InfoSec Engineer at The MITRE Corporation, a not-‐for-‐profit company that runs 6 federally funded research and development centers (FFRDCs) as well as manages CVE. He is the team lead for the BIOS Analysis for Detection of Advanced System Subversion project. On the predecessor project, Checkmate, he investigated kernel/userspace memory integrity verification & timing-‐based attestation. Both projects have a special emphasis on how to make it so that the measurement agent can't just be made to lie by an attacker. Xeno has also contributed 8 days of classes on deep system security to OpenSecurityTraining.info, with an additional 2 day class on Intel TXT to be added soon.
 |
| John Butterworth |
John Butterworth is a security researcher at The MITRE Corporation who specializes in low level system security. He is applying his electrical engineering background and firmware engineering background to investigate UEFI/BIOS security.
 |
| Sam Cornwell |
Sam Cornwell is a Sr. InfoSec Engineer at The MITRE Corporation. Since 2011 he has been working on projects such as Checkmate, a kernel and userspace memory integrity verification & timing-‐based attestation tool, Copernicus, a BIOS extractor and configuration checker, and numerous other private security sensors designed to combat sophisticated threats.
SyScan'14 Speaker - Alfredo Ortega
Posted 04:45 PM Feb 14
Topic:
"Deep-Submicron Backdoor"
 |
| Alfredo Ortega |
Alfredo Ortega is a programmer and exploit developer with more than ten years of experience, working mostly in embedded and Unix systems. He is member of the ITBA (Instituto Tecnologico de Buenos Aires) Optoelectronics laboratory and co-founder of Groundworks Tech- nologies, a startup specialized in firmware and embedded security.
SyScan'14 Speaker - Nils & Jon Butler
Posted 04:43 PM Feb 14
Topic:
"Mission mPOSsible"
 |
| @nils |
Nils is a security researcher for MWR Labs. He likes to break and exploit stuff, which he demonstrated at pwn2own 2009, 2010, 2013 and mobile pwn2own 2012. He has spent a considerable amount of time researching different mobile platforms and how to evade the exploitation mitigations techniques in place on these platforms. His current area of interest are embedded payment systems.
 |
| @securitea |
Jon works at MWR InfoSecurity, heading up their independent research in the UK. He is interested in all aspects of vuln dev, and has used these skills to win recent Pwn2Own competitions against the Samsung Galaxy S3 and Google Chrome. He has presented at various conferences in the past on topics relating to browser security, reverse engineering C++ applications, and software exploitation on ARM platforms. His current research interests include sandboxing technologies, static binary analysis, and payment card security.
SyScan'14 Speaker - Josh "m0nk" Thomas
Posted 04:39 PM Feb 14
Topic:
"How to train your Snapdragon: Exploring Power Regulation Frameworks on Android"
 | ||
| m0nk |
Chief Breaking Officer for Atredis, Security researcher, mobile phone geek, mesh networking evangelist and general breaker of things electronic. Typical projects of interest span the hardware / software barrier and rarely have a UI. m0nk has spent the last year or two digging deep into Android and iOS internals, with a major focus on both the network stack implementation and the driver and below hardware interfaces. He uses IDA more frequently than Eclipse (and a soldering iron more that both). His life dreams are to ride a robot unicorn on a moonlit beach and make the world a better place, but mostly the unicorn thing...
SyScan'14 Speaker - Snare & Scollinsonz
Posted 04:27 PM Feb 14
Topic:
"Thunderbolts and Lightning: Very Very Frightening"
 |
| Snare |
snare and scollinsonz were slated to play Batman and Robin in the next Batman movie until Ben Affleck bought his way into the role of Batman. scollinsonz immediately quit in protest and became a researcher at the University of Auckland, where he hacks on FPGAs and stares at ChipScope all day. snare subsequently sank far into the depths of depression, but after a brief stint at the Betty Ford Center he's back flipping burgers at Azimuth Security.
SyScan'14 Speaker - Alex Ionescu
Posted 04:24 PM Feb 14
Topic:
"All about the RPC, LRPC, ALPC and LPC in your PC"
 |
| Alex Ionescu |
Alex is coauthor of Windows Internals 5th edition. He teaches Windows OS internals to Microsoft employees and other organizations worldwide.
He is the founder of Winsider Seminars & Solutions Inc., specializing in low-level system software for administrators and developers. Alex was the lead kernel developer for ReactOS, an open source clone of Windows XP/2003 written from scratch, where he wrote most of the NT-based kernel.
Alex is also very active in the security research community, discovering and reporting several vulnerabilities related to the Windows kernel and presenting talks at conferences such as Blackhat and Recon.
Alex's experience in OS design and kernel coding dates back to his early adolescence when he first played with John Fine's educational OS, Kernel, and Boot Loader code. Since then, he has been active in the area of NT kernel development, offering help and advice for driver developers, as well as in the NT reverse engineering and security field, where he has published a number of articles and source code, such as documentation for the Linux NTFS project, extensive papers on the Visual Basic Metadata and Pseudo-code format, and NTFS Structures and Data Streams. In the last three years, he has also contributed to patches and development in two major commercially used operating system kernels.
Alex is also very active in the security research community, discovering and reporting several vulnerabilities related to the Windows kernel and presenting talks at conferences such as Blackhat and Recon.
Alex's experience in OS design and kernel coding dates back to his early adolescence when he first played with John Fine's educational OS, Kernel, and Boot Loader code. Since then, he has been active in the area of NT kernel development, offering help and advice for driver developers, as well as in the NT reverse engineering and security field, where he has published a number of articles and source code, such as documentation for the Linux NTFS project, extensive papers on the Visual Basic Metadata and Pseudo-code format, and NTFS Structures and Data Streams. In the last three years, he has also contributed to patches and development in two major commercially used operating system kernels.
For more information on Alex, see his web site and blog.
SyScan'14 Speaker - Mark Dowd
Posted 04:21 PM Feb 14
Topic:
"The Right Stuff: A spectral analysis of modal progressions in popular music, 1980-1989"
 |
| Mark Dowd |
Mark is a director and founder of Azimuth Security, and brings over 10 years of security experience to the team. The bulk of his professional career has been focused in the area of application security research. Mark spent a number of years as a senior researcher at IBM's Internet Security Systems (ISS) X-Force, during which he discovered a number of high-profile vulnerabilities in ubiquitous Internet software. In addition to professional vulnerability research, Mark's previous experience includes serving as a principal security architect for McAfee, as well as performing a variety of information security consulting services independently and for ITAC Consulting.
Mark's vulnerability research record speaks for itself. Over the last decade, Mark has identified and helped remediate critical remotely exploitable security vulnerabilities in Sendmail, Microsoft Exchange, OpenSSH, Internet Explorer, Mozilla Firefox, Adobe Flash, Checkpoint VPN, and Microsoft's SSL implementation. In addition to his vulnerability research, Mark has published several technical research papers, and was a co-author of the Addison-Wesley Professional book "The Art of Software Security Assessment". He was the winner of the 2009 Google Native Client Security Contest. Mark regularly speaks at industry conferences, including BlackHat, CanSecWest, PacSec, and Ruxcon.
SyScan'14 Speaker - Charlie Miller & Chris Valasek
Posted 04:00 PM Feb 14
Topic:
Car Hacking for "Poories"
 |
| Charles Miller |
Charlie Miller is a computer security researcher with Twitter. He was the first with a public remote exploit for both the iPhone and a phone running Android. He won the CanSecWest Pwn2Own competition for the last four years. He's hacked Second Life and Batteries. He has authored two information security books and holds a PhD from the University of Notre Dame.
 |
| Chris Valasek |
Chris Valasek is the Directory of Security Intelligence at IOActive focusing on attack trends while continuing various research projects. Prior to IOActive, Valasek was a Senior Research Scientist at Accuvant LABS, IBM Internet Security Systems, and Coverity. Valasek's research focus spans areas such as vulnerability discovery, exploitation techniques, and reverse engineering, contributing public disclosures and authoring research on these topics to the broader security community. While Valasek is best known for his publications regarding the Microsoft Windows Heap, his research has broken new ground in areas such as vulnerability discovery, exploitation techniques, reverse engineering, source code and binary auditing, and protocol analysis. Valasek has presented his research at major international security conferences including Black Hat USA and Europe, ekoparty, INFILTRATE, and RSA, and is the chairman of SummerCon, the nation's oldest hacker convention.
SyScan'14 Sponsorship
Posted 02:29 PM Nov 21
There are 4 categories of sponsorship for SyScan. They are:
- Diamond
- Platinum
- Gold
- Silver
To find more more about becoming a sponsor at SyScan, please contact organiser(at)syscan(dot)org
SyScan'14 Training Class
Posted 01:57 PM Nov 21
Course Code: ST1401
Course Title: Windows Internals for Reverse Engineers
Instructor: Alex Ionescu
3 days training date: 31 March - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_01
Course Code: ST1402
Course Title: Android and iOS Hands-on Exploitation
Instructor: Subho Halder
3 days training date: 31 March - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_02
Course Code: ST1403
Course Title: Android Forensic Analysis in Depth
Instructor: Dr Bradley Schatz
3 days training date: 31 March - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_03
Course Code: ST1404
Course Title: Chipping away at root: A practical exploration of real world hardware hacking
Instructor: Josh Thomas & Nathan Keltner
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_04
Course Code: ST1405
Course Title: RFID: Soup to Nuts
Instructor: Adam Laurie
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_05
Course Code: ST1406
Course Title: Mobile Application – Scan, Attack and Exploit
Instructor: Hemil Shah
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_06
Course Code: ST1407
Course Title: The Exploit Laboratory Advanced Edition
Instructor: Saumil Shah
3 days training date: 31 March - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_07
Course Code: ST1408
Course Title: iOS 7 Exploitation (Focus: MobileSafari Case Study)
Instructor: Stefan Esser
3 days training date: 31 March - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_08
Course Code: ST1409
Course Title: Introductory BIOS and SMM Security
Instructor: Jon Butterworth
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_09
Course Code: ST1410
Course Title: Development Kernel Exploit for Microsoft Windows
Instructor: Nikita Tarakanov
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_10
Course Code: ST1411
Course Title: Malware Analysis Basic Course
Instructor: Udi Shamir & Joxean Koret
2 days training date: 01 - 02 April 2014
Course outline:
http://www.syscan.org/index.php/sg/training/details/sys_14_11
SyScan'14 Training Class
Posted 04:54 PM Nov 19
Register at http://www.syscan.org/index.php/sg/training
SyScan'14 - Registration Start!
Posted 04:50 PM Nov 1
SyScan'14 - Call For Paper
Posted 01:36 PM Sep 4
SyScan'13 Singapore_Speaker list is out, check it now!
Posted 05:45 PM Feb 1
 |
| Please visit our website for more details, http://www.syscan.org/index.php/sg/speakers |
News: SyScan360 Beijing 2012
Posted 11:47 AM Dec 18
http://tech.ccidnet.com/zt/syscan360/ ..... more
News: SyScan360 Beijing 2012
Posted 10:19 AM Dec 18
http://special.csdn.net/syscan360/index.html/2 ........ more
http://www.cnetnews.com.cn/2012/1215/2136256.shtml ....... more
SyScan'13 SINGAPORE- CALL FOR PAPER
Posted 02:26 PM Nov 30
Articles about SyScan Singapore 2012
Posted 10:14 AM May 10
Ready to "0wned" these phones during Syscan'12 Singapore?
Posted 03:42 PM Mar 29
Lucky draw prize for Syscan'12 Singapore is here!
Posted 03:35 PM Mar 29
Speaker - Paul Craig
Posted 04:14 PM Mar 9
Paul Craig Security-Assessment.com Singapore
Paul Craig is the Principal Security Consultant for Security-Assessment.com based in Singapore and working throughout the SE Asia region. Paul is avid fan of technology exploitation, and enjoys shells, privileged access and stealing rights. One of the few self-proclaimed (ethical) hackers in Singapore, Paul spends his day-to-day breaking into banks, insurance and investment companies in an attempt to increase the security bar of this humid nation. In his spare time Paul tries to learn Singlish, keep cool, and avoid being caned by the authorities (Cheeko ang mo no get rotan). Previously Paul has spoken at many international security conferences including Defcon, Syscan, Hack In The Box, Hack.Lu and Kiwicon.
Speaker - Aaron Lemasters
Posted 04:13 PM Mar 9
Aaron Lemasters MANDIANT
Aaron LeMasters is a Senior Security Researcher at MANDIANT. His career has spanned a broad range of cyber security disciplines from computer forensics to vulnerability research and exploitation. Aaron spent five years responding to cyber incidents across global DOD networks at DISA and NSA, providing education and tools to network defenders to counter advanced threats such as rootkits. He most recently worked at Raytheon SI performing vulnerability research. Aaron's research interests include operating system integrity analysis, malware analysis, and reverse engineering. He is a co-author of Hacking Exposed: Malware and Rootkits (McGraw-Hill, 2009).
Speaker - Loukas
Posted 04:12 PM Mar 9
Loukas Assurance Pty Ltd (Melbourne, Australia)
Security consultant, former software engineer, long time Mac fanboy, avid musician, and aficionado of the world's beers (all of them).
Speaker - Ryan MacArthur
Posted 04:10 PM Mar 9
Ryan MacArthur iSIGHT Partners
Ryan MacArthur Neophyte security researcher who has a penchant for booze. Tinkerer that has spiralled down into the kernel. Visionary Street Fighter IV player. I've no impressive list of CVE's and no string of acronyms after my name. Mere dwarf standing on the shoulders of giants. I've researched automated malware analysis while getting my masters in security informatics from Johns Hopkins. I then joined Symantec as a malware analyst where I reverse engineered malware and file formats to aid in detection of exploits. After that I joined iSIGHT Partners Lab to build/break things for our customers.