(31 Episodes)

CypherCon is an annual hacker conference held in Wisconsin that provides hackers with an outlet to openly demonstrate and experience creativity and ingenuity through hands-on enlightening activities, thought provoking presentations and technical projects. 

 

Speakers were filmed at CypherCon 4.0 in Milwaukee on April 11th and 12th, 2019 at the Wisconsin Convention Center. Learn more about this conference by clicking HERE.

(S2: E1) A Kinesthetic Approach To Learning Encryption with Antoinette Stevens

Kinesthetic style, or tactile learning, means that some learn best by physically doing to fully learn and memorize a topic. Capture the flag competitions can be a way to understand security concepts with reading, understanding, applying and watching it in action. Creating a full multi-sensory learning experience to retain those concepts in memory for later.

Release Date: Jun 7, 2019

Language: English | CC | Runtime: 19 minutes

(S2: E2) More Than Tor: Shining a Light on Different Corners of the Dark Web with Benjamin Brown

When the terms Darknet or Dark Web are invoked, it is almost always in reference to the Tor network, but what about the other extant Darknet frameworks? In this talk Benjamin will expand the field of view to include frameworks such as Freenet, I2P, and OpenBazaar. He’ll take a quick look at the origins and technical underpinnings of these Darknets as well as their actors and offerings.

Release Date: Jun 20, 2019

Language: English | CC | Runtime: 40 minutes

(S2: E3) The Magic of Forensic Artifacts Hiding in Plain Sight with Cindy Murphy

Digital forensics expert Cindy Murphy, M.Sc. will use this session to unpack the myths of digital forensics she uncovered since her career pivot from law enforcement to private digital forensics work. She will discuss how to navigate common myths and most importantly, how to keep moving forward in an ever-changing industry.

Release Date: July 5, 2019

Language: English | Runtime: 53 minutes

(S2: E4) Spitting The Hook: Examining Phishing Bait with Joe Cicero

In this very informative panel, Joe Cicero examines phishing bait for enterprise protection. Subjects covered are: the red flag concept, identifying phishing email basics, examining headers, examining attachments and links. Additional topics covered are: the differences between a legit email, spam, marketing and phishing.

Release Date: July 19, 2019

Language: English | Runtime: 47 minutes

(S2: E5) Phreaking for fun and profit with Brad Swanson

Brad talk's about phone phreaking back in the late 1980's, until the mid 1990's. He will cover what phreaking was, why it worked, and why it was done. Devices used, the theory behind them, and some entertaining stories about those devices are covered. He will cover the slew of ‘secret’ numbers that existed in the phone system and discuss the decline in phreaking with the newer versions of ESS.

Release Date: August 2, 2019

Language: English | Runtime: 55 minutes

(S2: E6) Shifting Security Left with Chris Merkel

The shift to the cloud is making it more difficult for security teams to control what happens in their organizations and secure systems. The solution is more security tools, more security people, and ever-inventive ways to reign in your environment. We’ll talk about how engineering automation to create a culture of empowerment, self-reliance and trust can result in better security outcomes.

Release Date: August 16, 2019

Language: English | Runtime: 51 minutes

(S2: E7) Bug Bounty Law with Dr. Amit Elazari Bar On

Bug Bounties and Vulnerability Disclosure Program (VDP) are one of the fastest growing, most popular ways for companies to engage with the security research community and uncover unknown security vulnerabilities. This talk will explore how the law interacts with bug bounties, VDP, anti-hacking laws, bounty legalese myths, and contract standardization efforts widely adopted across the industry.

Release Date: August 30, 2019

Language: English | Runtime: 47 minutes

(S2: E8) Automating Hashtopolis with Dustin Heywood

This talk will cover the basics of using the user-api to automate functions in Hashtopolis. Connecting to an HTP instance, creating hashlists, creating attacks, recovering plaintext, user creation and more will be covered.

Release Date: September 13, 2019

Language: English | Runtime: 23 minutes

(S2: E9) Welcome Our New A.I. Overlords with Ed Skoudis

Amazing new A.I. based services from Amazon, Google, and Microsoft let organizations rely on automated technology to crawl through their cloud-based data to identify sensitive info, security weaknesses, and hacking attempts. In this talk, Ed will analyze security implications, ethical, business, and privacy issues they raise as cloud-based A.I. intertwines itself in our lives deeper every day.

Release Date: September 27, 2019

Language: English | Runtime: 46 minutes

(S2: E10) Tracking an Adversary's Learning Curve with Edd Black

There are 2 camps of attackers: low skilled opportunists (script kiddies) and APT – Advanced Persistent Threats (funded organized crime, nation states). In between lurks a skilled persistent threat, capable of doing even more damage. These adversaries require human responders to identify, track, & oppose. Understand the constraints of the persistent threat, and you can learn to counter them.

Release Date: October 11, 2019

Language: English | Runtime: 20 minutes

(S2: E11) Remote Wireless Pentesting with Eric Escobar & Matt Orme

Wireless pentesting typically requires physical proximity to a target which requires time, limited resources, and constant traveling. Eric & Matt have pioneered an inexpensive device to covertly perform wireless pentests anywhere on earth. In this talk, they'll discuss why they built it, how it works, and why they think it will revolutionize wireless pentesting.

Release Date: October 25, 20019

Language: English | Runtime: 52 minutes

(S2: E12) Building a Cohesive Undergraduate Security Club with Ian Klatzco

The university security club had its ups and downs between boring meetings and inaccessibility to newcomers. It improved with a tighter meeting format, approachable 24-7 internal CTF, and internal documentation. There was better attendance, more people staying after meetings, and freshmen successfully completing projects with upperclassman mentorship. Interested? Learn more by watching this video.

Release Date: November 8, 2019
Language: English | Runtime: 38 minutes

(S2: E13) Encryption, Silver Bullets & Holy Water with J. Wolfgang Goerlich

 

Werewolves attack, we have silver bullets. Vampires attack, we have holy water. Criminal hackers attack, we have encryption. The villains come and the heroes fight back. But too often, encryption is like water without the holy or bullets without the silver. The configuration is wrong or the code is incomplete. This talk will cover how and where to architect for encryption to get real protection.

Release Date: November 22, 2019

Language: English | Runtime: 49 minutes

(S2: E14) Always Look a Gift (Trojan) Horse In the Mouth with James Arndt

In this talk, learn various tools and techniques that can be used to thoroughly analyze a malicious email attachment and everything that comes after it. In order to get as many stones as possible, we will want to leave no stone unturned. This information can then be used to look for indicators of compromise throughout your environment.

Release Date: December 20, 2019

Language: English | Runtime: 38 minutes

(S2: E15) Unhinging Security On the Buffalo Terastation NAS with Ian Sindermann

It only takes a small oversight to cause a vulnerability, even when it comes to severe vulnerabilities. The Buffalo TeraStation NAS demonstrates this idea beautifully in that it has a variety of features that do just a tad more than they should. Ian will provide an overview of the thought processes, mindset, and skills used to turn happy little oversights into happy little shells. 

Release Date: January 3, 2020

Language: English | Runtime: 24 minutes

(S2: E16) Decrypting the Mess that is SSL TLS Negotiation with Jim Nitterauer

This talk will provide a quick overview of the major SSL/TLS versions along with their major vulnerabilities. Jim will then discuss how he was able to use some F5 iRule magic on his load balancers combined with Graylog (a log aggregation platform) to track as well as block undesirable client and server connections to his proxy end points. This strategy can easily be adapted to any protocol scenario that uses TLS connection negotiation.

Release Date: January 10, 20200

Language: English | Runtime: 47 minutes

(S2: E17) What are We Thinking Here? Rethinking Security with Jeff Man

There's too much focus on vulnerabilities and not enough attention on other elements that derive the standard risk equation. Meltdown/Spectre introduced a perfect storm scenario where the vulnerability wasn’t easy to fix and the solution broke things. But, there's still persistent vulnerability. What else should we focus on in terms of security if/when the vulnerabilities still remain?

Release Date: January 17, 2020

Language: English | Runtime: 43 minutes

(S2: E18) Sorry About Your WAF with Johnny Xmas & Sam Crowther

This presentation will be a mini-tutorial on how the various forms of “bot detection” out there work, and how to modify/spoof the necessary client environments to bypass nearly all of them using anything from Python Requests to Selenium, Puppet and beyond.

Release Date: January 24, 2020

Language: English | Runtime: 46 minutes

(S2: E19) What the World Needs Now is Ham, Sweet Ham with Jonathan Tomek 

Let’s increase your appetite for becoming a HAM. Whether you have an SDR laying around or hand-held you have had since the last hackercon, you should get to know how to use it. For those HAMs out there, this should still get you excited to try something new. Since it wouldn’t be Cyphercon without the “cypher”, there will be some fun things here to spir the curiosity in your old hackerself.

Release Date: January 31, 2020

Language: English | Runtime: 45 minutes

(S2: E20) Spelunking the Bitcoin Blockchain with Josh Bressers

There are few topics that capture headlines like Bitcoin. Bitcoin’s blockchain is like art; sometimes you have to see it with your own eyes. How does Bitcoin work? What secrets does blockchain hold for us to find? Everything we look at is open data and all the tools we use are open source. You can continue the investigation on your own using what you learn here as your inspiration and guide.

Release Date: February 7, 2020

Language: English | 47 minutes

(S2: E21) Thrift Shopping with your Data with Josh Frantz

What happens with disk, flash, and floppy drives when you drop them off at thrift stores or e-recycling centers? How do you properly dispose of those devices safely and securely? We look into thrift shopping, in particular, buying your data back from those who agreed to destroy it. You signed an agreement stating your disks be wiped and data destroyed, that couldn’t be further from the truth.

Release Date: February 14, 2020

Language: English | Runtime: 24 minutes

(S2: E22) Capture the Fail - Avoiding Pitfalls when running your CTF with the Silvers

Kris and Chris Silvers, creators of the OSINT CTF, share some lessons they've learned on their journey. They’ve run into some interesting problems. Like their scoring engine’s exploitable vulnerabilities to targets changing their attack surface mid-competition and met them all head-on. Laugh along and learn something as they walk through their toughest challenges and how they handled them.

Release Date: February 21, 2020

Language: English | Runtime: 25 minutes

(S2: E23) Anatomy of a Hot Wallet: Bitcoin at Scale with Matthew Werner

Coinbase has become one of the leading cryptocurrency exchanges in the world. This talk describes how the systems operate, challenges we’ve faced, and how we’ve overcome these constraints to provide our customers with a world-class cryptocurrency product. The talk will include topics such as fee estimation, coin selection, change splitting, UTXO consolidation, and child pays for parent.​

Release Date: February 28, 2020

Language: English | Runtime: 39 minutes

(S2: E24) Don't Forget to Wipe with Michael Portera

On June 29, 2018, Toys "R" Us shut its doors to the public after filing Chapter 11 bankruptcy. The months leading up to that day consisted of liquidating its assets, including computer hardware. While everything should have been sanitized before being sold, it wasn’t. We’ll review my forensics investigation: what I was able to recover, how I did it, and the importance of sanitizing devices.

Release Date: March 6, 2020

Language: English | Runtime: 22 minutes

(S2: E25) What Happens when a Genome Database is Breached with Michelle Meas

DNA sequencing has become a lot cheaper since its invention, even becoming a consumer good. However, the companies that perform this sequencing are unregulated, and what they do with the data is hardly transparent. We will begin with an overview of gene sequencing technology, discuss the data collected by companies and discuss how this data could be weaponized by bad actors after a data breach.

Release Date: March 13, 2020

Language: English | Runtime: 45 minutes

(S2: E26) Urban Foraging: Back to our Beginnings with Nick Wersel

Someone in the 1860s one day decided ‘Imma order this houseplant from Asia on Amazon and plant it in my garden!’ They clicked that Buy Now button and SIX MONTHS LATER the package arrived. Because we all know Amazon was still working on their package drone prototypes back then. Anyway now that little plant grows in all your backyards.

Release Date: March 20, 2020

Language: English | Runtime: 21 minutes

(S2: E27) Journey to Command Injection with Rick Ramgattie

Sometimes, owning an embedded device takes multiple different vulnerabilities, creativity, and a little finesse. In this live demo, we show how we were able to chain multiple vulnerabilities in the Lenovo ix4-300d network attached storage device into a remote exploit that can be executed with little user interaction.

Release Date: March 27, 2020

Language: English | Runtime: 26 minutes

(S2: E28) Micro and Nano Segmentation with Russ From

This presentation introduces Micro-Segmentation and includes industry adoption statistics, strategies, and implementation examples. Covered, is why we need segmentation, what the benefits are, how it evolved, and what it enables before explaining a flaw of Micro- Segmentation and how it is addressed using the recently defined term Nano-Segmentation.

Release Date: April 3, 2020

Language: English | Runtime: 38 minutes

(S2: E29) A look at Historic Cons & their Transition to a Digital World with Stephanie Carruthers

What does a pig in a poke, pigeon drops, and salting have in common? They are just a few of old school confidence tricks (cons) used from the late middle ages to more recently which swindled marks out of money. In this presentation Stephanie will cover how some famous historic cons were used in their day, and how they are now being transitioned into today’s digital world.

Release Date: April 10, 2020

Language: English | Runtime: 25 minutes

(S2: E30) Bet You Never Played an NES Game Like This with Vi Grey

We all know someone who has a Nintendo Entertainment System (NES) sitting around collecting dust. The 1980's gaming console was limited in its capabilities, but just how much wiggle room does that leave for mischief? In this talk, Vi Grey will demonstrate how it is possible to innovate under the limitations the NES restricts us with to create new ways a person can interact with a game. You will see NES games that are also fully functioning web pages and ZIP files, console memory dumps that can be opened as JPEG images, game cartridges that secretly contain other entire NES games, and much more.

Release Date: April 17, 2020

Language: English | Runtime: 34 minutes

(S2: E31) The X-15 Rocket Plane, Flying the First Wings into Space with Michelle Evans

With the Soviet Union’s launch of the first Sputnik satellite in 1957, the Cold War soared to new heights as Americans feared losing the race into space. This presentation tells the little-known story of the hypersonic X-15 which opened the way into human controlled spaceflight. Also discussed are the 12 men who guided it into space, and all the people who kept it flying for nearly a decade.

Release Date: May 1, 2020

Language: English | Runtime: 57 minutes

Hackers of CypherCon | Season 2.0

Stream or Buy this Title on the Available Platforms Below

Click an icon to watch or buy on your favorite platform

TERMS OF SERVICE: Clicking on the YouTube, Amazon and Vimeo icons will take you to their respective websites where you can choose to sign up for an account. To stream, rent or purchase a digital title, you can pay securely by credit card or through PayPal. We do not collect any private information. All payments and conditions the aforementioned websites propose are not associated or affiliated with Video Workbench Productions.

  • Visit Us on YouTube
  • Visit Us on Facebook
  • Visit Jason on IMDb

Video Workbench Productions | Johnson Creek, WI | Email HERE | (414) 839-4572

Copyright © 1992-2020 by Jason C. Gares, Video Workbench & Video Workbench Productions. All Rights Reserved.