by James Habben
BSides LA - the only security con on the beach. If you haven’t had the opportunity to attend, you should make the effort. The volunteer staff are dedicated to making sure the conference goes well, and this year was another example of their hard work.
I enjoyed attending and learning from a number of sessions and was tickled happy to see so many presenters referencing the Verizon DBIR to give weight to their message. The corpus of data gives us so many ways to improve our industry. You should consider contributing data from your own investigations through the VERIS framework, if you don’t already.
My presentation was titled “USB Device Analysis” and I had a lot of great conversations afterwards because of it. It was great meeting new faces that are both young and old in the industry. The enthusiasm is infectious!
Many asked me for my slides, so I thought I would share them here along with some of these thoughts. Thanks to everyone for attending my talk and to the BSides organizers for having me.
One thing I talked about that isn’t in the slides is the need for user security awareness training. The studies mentioned in the slides show that from 2011 to 2016, not much has changed with the public awareness of the danger around plugging in unknown USB drives. This has been demonstrated too many times to be a easy an effective way for attackers to infiltrate a chosen target.
For those of you that are in the Incident Response role, you don’t even have a chance to get involved unless your users realize the threat.
My slides: https://mega.nz/#%21gNMTRCzT%21EHcXimw_TNks6mjlxMHjeBBWs6UE95b78Airb4nWOXM
diff-pnp-devices.ps1 on GitHub: https://gist.github.com/JamesHabben/da47363ffa70a5b4bec07777dedc87da
Feel free to reach out with questions.
James Habben
tags: BSides