Recommended Talks

Clifford Stoll Revisits The Cukoo’s Egg

One of my favorite conference keynotes – Cliff Stoll in all of his eccentricity and enthusiasm revisiting the original slidedeck he used to describe the ‘Cuckoo’s Egg’.

Carmen Medina on Intelligence Analysis

An excellent discussion of the need for critical thinking in intelligence analysis –along with a healthy dose of skepticism regarding over-adherence to models.

Rob Joyce on Making TAO’s Life Harder

Who better than the director of NSA’s Tailored Access Operations to talk about meaningful measures that complicate the lives of APT operators?

Costin Raiu on Malware Paleontology

My friend and mentor Costin Raiu discusses APT research as malware paleontology along with interesting findings of code similarity analysis and other novel approaches.

Vitaly Kamluk’s YARA Black Magic (Part 1)

While there are a few notable YARA masters, no one has made our favorite tool bend to their will quite as impressively as Master Vitaly. This talk not only teaches how to use YARA for interesting hunting but also uses YARA to output his slide deck.

Vitaly Kamluk’s YARA Black Magic (Part 2)

I haven’t been able to locate a full video of the sequel to Master Vitaly’s YARA presentation… the video above is a spoiler of the grand finale –where he uses 0-day exploit in YARA to play DOOM.

Dan Geer on the Realpolitik of Cybersecurity

There are few living speakers whose words reward deep thought, pause, and revisiting –much less so in our field. Dan Geer is the exception.

Francisco Donoso dives into DSz

An excellent deep dive into the myriad capabilities of the Equation Group’s DanderSpritz (DSz) post-exploitation framework. Francisco also maintains excellent public documentation for this DSz.

Nicholas Weaver tears cryptocurrency to shreds.

This podcast is a masterful breakdown of the impracticalities, self-delusions, externalities, and perverse incentives of the cryptocurrency space.

Trevor Paglen’s Six Landscapes

An artist’s view on the overt infrastructure that supports covert operations.

Emmanuel Gadaix accidentally stumbles on a Telco apex predator.

An amazing talk that casually refers to an unidentified threat actor modifying Ericsson PLEX code with an in-memory Lua platform we casually refer to as ‘PLEXingEagle’.

NSA Operation ORCHESTRA Annual Report

A brilliant premise– an NSA analyst walks into the wrong room to provide an annual report on an operation to infiltrate the open-source security community and warp it for NSA’s purposes.