2011年8月6日 星期六

Xecure Lab at Defcon 19

Last year thousands of Defcon folks had to squeeze at the Riviera, it was a nightmare to move between different tracks; but this year thanks to Defcon goons for choosing Rio, the venue is big and cozy! It feels like paying a Defcon ticket and enjoy a Blackhat venue! xd

Our talk APT Secrets in Asia was given on the first day, first session. We really appreciate everyone that came over and stayed with us for almost 2 hours. The talk was rejected by Blackhat 2011 but accepted by Defcon 2011, otherwise we wouldn't have chance to share with the security community. As we always believe in, hackers and security gurus should team up, have fun, and together we can outsmart the attackers making them in the light.

Special thanks to many good friends of us, Mila, you inspired us; TT and Nanika, you guys sitting in the first row, awesome; Birdman, PK, Mars, Bob, safe guarding our home base, the system ran very smoothly and did not get owned, save Anthony and Benson on the stage; and buddies from Chroot security group in Taiwan, you are always with us. There are also several respected seniors flying over for the talk, we really appreciate their support. Thank you mama!

This year we had developed a free APT online scanning service,
Xecure Lab APT Deezer, http://aptdeezer.xecure-lab.com/, and is now available to everyone*. APT Deezer would tell you whether the document is APT-related or not, and provide visualization of analysis data (clustering of APT taskforces). Both file names and md5 are rounded-off a bit to keep anonymity. If you have more concerns or questions, feel free to write us at benson.wu (at) xecure-lab dot com
*Disclaimer: We have no interest with your PII, we will not collect any of your identity information, e.g. your IP, your geographical location, and so-on.

Oh, this time the Defcon badge is not electronic, but a piece of metal, made from commercially pure titanium. Awesome. (The Blackhat badge is made from Nylon as usual)


The badge on the left is the speaker badge, the one on the right is the human badge, there are also (G)oon, (P)ress, (V)endor, (C)ontest, (U)ber, etc. Enough variants to entertain everyone.

Anyway, the antiqued badge is cool, and moving to a puzzle based reality game is something different.


We want all these swag, but cash only... -.-



More readings:

Sincerely yours,
Xecure Lab team

2 則留言:

  1. >> the system ran very smoothly and did not get owned

    Really?

    >> we will not collect any of your identity information, e.g. your IP,

    Really?

    回覆刪除
  2. Yup. xsorry. If there are bugs, we'd fix it; if it gets owned, we'd rescue it, after all it's not a wargame, no CTF... @@
    And we enjoy solving problems that make positive differences to the world, the attackers operate in groups, while the defenders are being tackled one by one. We shared our research work hoping to stimulate the info security market for next-generation security solution: not only we need anti-virus solution for mass production malware, but also anti-APT solution for quality-crafted attack. And we open our solution for the community to use because it's the right way to help everyone that cares this APT issue. We don't see values in doing evil stuff such as collecting users' PII, and there's no registration, no login, no nothing required. Not to mention there's nothing to hide in hackers' world. Anyway, we got to work, every minute counts. Thank you for the comments. ;-)

    回覆刪除