DC4420


Welcome to DC4420, aka Defcon London.

.reality [2015 edition] Meetings are normally the last Tuesday of the month, except December... June 30th July 28th August 25th September 29th October 27th November 24th December tbc New attendees welcome, just come along! (There are no entry fees, and no tickets to book.)

June 30th 2015

+++ Micro Talk (5 minutes): #hackbases - journey to `off the grid` Speaker: Michał Stefanów (michalstefanow.com), Michal Stefanow Ltd Slides: bit.ly/hackbases Synopsis: The hackbase started as "Cyberhippietotalism" or "CHT#1" in 2011. After 3 years as a rented house, the second version of the base restarted in November 2014, as an off-grid camp & research initiative, scheming to buy first plot of land and settle in the same area: north of Lanzarote, Canary Islands. +++ 1st Talk (short): Multi-Vectored Web Application Exploitation Speaker: Freddie Barr-Smith Synopsis: In this talk I aim to give a practical introduction to basic web application exploitation. Attack vectors such as browser hacking, cross-site scripting and SQL injection are often demeaned. There are many critical services contained within the application layer such as online banking, social networking and email. The vast majority of vulnerabilities found nowadays are injection or XSS based and it is possible to leverage access gained via application-layer attacks. +++ 2nd Talk (long): OWASP mobile top ten Speaker: Paco Hope (@pacohope), Cigital Paco Hope is a security consultant at Cigital who has helped software firms secure their software for nearly 15 years in a variety of industries like financial services, retail, and embedded systems. He is the author of two books on security, the most recent being the Web Security Testing Cookbook. He helps (ISC)² develop the Certified Secure Software Lifecycle Professional (CSSLP) and CISSP certifications. Synopsis: OWASP’s Mobile Top Ten (MTT) Risks project has been around for a few years and has changed shape several times during those years. In 2015 we’re remaking it with reference data from several security consultancies. Paco Hope is helping to shape the 2015 version of the MTT and will share where it has been, where it is, and where it’s going. More info is available at: https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_Top_Ten_Mobile_Risks

Talk nights

Format is usually two talks: a primary 1 hour (ish) and, a secondary 30 minutes (ish). Talks start at 19:30, but we have the room from about 18:30 to 23:00.

Speakers Wanted

Typically our programme has a technical talk (~1 hr) and lighter talk (~30 min). Once or twice a year we have a "Lightning Talk" format, with shorter talks up to ~15 minutes, with anyone who wants to speak on the night. The qualifications for speakers are simple, have a subject of interest to fellow technical & InfoSec people. The subject can be on technical or security issues, social interaction with technology, based on the current events, or just something entertaining to our attendees. As a speaker you can be an expert, a student, someone learning a new area, maybe a regular speaker on the conference circuit, but we also love to have new & occasional speakers. Send your talk / activity proposals to talks@dc4420.org You are very welcome to propose running activities other than talks, such as hands-on workshop or an infosec pub quiz, or something else relevant to our techie audience! We also welcome occasional company pitches, to sell or recruit, but to regulate the frequency of these we ask you to buy a round of drinks. Also please discuss with Major Malfunction or Tony beforehand! Previous talks

Where

The Phoenix, Cavendish Square Nearest tube (Bakerloo, Central and Victoria lines) and bus stops are at Oxford Circus. Transport for London have a journey planner http://www.tfl.gov.uk/

Info/Contact/stuff

We've got this handy Google Calendar thing here Twitter : @dc4420, use the tag #dc4420 Facebook: DC4420 IRC: #dc4420 on Freenode Mailing List: Get on the mailing list: here (Note: don't set your address to dc4420@ as that won't work.) Linkedin : dc4420 group - 680 & growing (June 2015). Do you read the notes there? (No recruiters allowed on unless they've been to the meetings and intro'd themselves to tony and major.) Talks: Send your info to talks@dc4420.org Want to change the website? Submit a pull request