black hat 2014 - wait! wait! don't pwn me!
Post on 29-Nov-2014
Wait, wait! Don’t pwn me!
August 2014 Security News Headlines Q&A game
INTRODUCTIONS: THE PANEL
ONLINE NEWS RESOURCES
Hacker News, CSO, CNN, ars technica, The Verge, Threat Post, NetworkWorld, SANS
Brian Krebs, Pandodaily, Forbes, Tesla, FBI.gov, Star Tribune, Errata Security
Twitter: #BlackHat #WaitWait
THE RULES
Each correct answer to the initial question is worth 3 points
A wrong answer subtracts 2 points
A pass on the question loses 1 point
If a question is answered incorrectly, the second response is worth 1 point
A correct answer from an audience member gets allocated 2 points to panelist of choice
The moderator may arbitrarily give or take away points at any time
SCORE KEEPER: WE NEED A VOLUNTEER!
AUDIENCE PARTICIPATION:
WARM UP
Who is retiring as Executive Director of OWASP?
According to the project evaluation committee findings, what is the most active project in OWASP?
FOR THE PANEL:
HACKS IN THE NEWS
In Sydney, Australia, hackers turned an ATM into one gigantic game player. What game did they put on the machine?
According to Karsten Nohl, what common portable device can be used in a new type of attack?
Microsoft was recently ordered by the United States government to turn over email that resided in what country’s servers?
Aircraft satellite communication systems can be hacked via what, according to Ruben Santamarta?
Feds’ Silk Road investigation broke “what”, defendant tells court?
Name one of two major applications that use a vulnerable version of Apache Cordova.
Visit the wrong website, and what government agency could end up in your computer?
Godzilla Hacker took down 43 major websites of what government?
Anonymous Group took down whose website over the Gaza conflict?
The Russian government asked Apple to hand over what?
Attackers breached Tor’s system to reveal what?
What scam did a 24-year-old man use to steal $309,768 from Apple?
BY THE NUMBERS
Within 100,000, how many passwords did a Russian criminal group lift from 420,000 websites?
Credit Card Breach Confirmed At 33 restaurant locations. Which restaurant chain was it?
What popular developer network accidentally exposed thousands of developers' emails and passwords?
On average, how many vulnerabilities did researchers find per Internet of Things device?
Within 5%, what percent of employees expose critical corporate data by mistake?
Within 5%, how many Critical Infrastructure Providers were breached last year?
REALLY? THAT’S UNBELIEVABLE!
EZ-Pass was hit with what kind of scheme to defraud users?
A warrant authorized the FBI to track and do what to people’s computers?
Android malware SandroRAT disguises itself as what?
Scientists reconstruct “what” by watching a bag of potato chips?
THE BUSINESS SIDE
Google fixed what security hole in Android?
What should be of high concern for travelers using business centers at the hotel?
LIGHTNING ROUND
NOTHING BUT OWASP
Within 5000, how many listens has the OWASP 24/7 Podcast had within the past 9 months?
Within 10, how many projects are currently under evaluation by Johanna and the evaluation committee?
141 Projects
In the OWASP Top 10, what does section A9 cover?
What very popular project does Colin Watson run?
How many days until AppSec USA 2014?
TALLY THE SCORE: WHO WON?
THANK YOU TO THE PANEL
A NEW OWASP PROJECT: THE WAIT WAIT GAME
Mark.Miller@OWASP.org