The UtahSAINT Conference has become the most important security conference event in the State of Utah by remaining true to our core values: Serving the information security community and providing valuable and actionable security information in a fun and exciting environment.
After a long and frustrating search for a new venue for UtahSAINT, we learned in early Summer that our efforts to find a venue in northern Utah were not going to pan out. There are a lot of reasons, but the major ones are cost and capacity.
After our failures to find a suitable new venue in the timeframe we needed, we reached out to Dixie State College of Utah and they have graciously offered to host the UtahSAINT Conference once again this year.
We would like to express our gratitude to Dixie College for their willingness to once again allow a bunch of security geeks to descend on their facilities, and contribute all of the time and resources that go into making the conference successful.
Taylor Health Science Center
1526 Medical Center Dr.
St. George, Utah 84790
Get your hotel reservations early! Once again we are booking our conference in St. George at the same time that the Sr. Olympic Games are going on. Rooms will fill up quickly. This year we have elected to NOT have blocks of rooms at hotels arranged. We are unable to commit to paying for unsold rooms, and feel that most attendees do not always utilize blocked out rooms.
The cost of the conference this year is $175.
The increase covers the higher cost of the materials and tools being distributed to the attendees.
Lock Pick Sets -- USB 3.0 Drive -- Mini-USB Arduino Based Hardware -- Printed Materials -- All-You-Can-Drink Beverages -- Provided Meals -- Much more..
Beginning August 15, 2012, as tradition dictates, we will be opening up registration to UtahSAINT Members. This provides the membership with the first opportunity to get a seat at the conference.
On August 20, 2012 we will open registration to the general public and remain open until all seats are sold.
Register early!! There are only 150 seats available. When they are gone, they are gone!
Once again this year we will be offering the option to stream the conference. This is a very popular option, and this year we will be providing it in 720p HD. You will not, however, be able to stream both sessions of the conference. Due to the time and equipment we have available, we will only be streaming Track One of the conference. We apologize to those of you who would like to see the Track Two content.
To participate in the stream, you will need to register for the conference, but select the STREAMING option. Only those who register for streaming will be provided with the codes necessary to participate in the online stream.
In the past 18 months, a series of highly sophisticated and targeted cyber-attacks across the globe have revealed a seismic shift in the threat landscape. With both private and public-sector organizations, targeted attacks are becoming increasingly advanced and audacious. In March of 2011 RSA suffered a significant and highly publicized cyber-attack. This presentation will detail the elements of the attack, the lessons learned by RSA, and suggested best practices for continuing to combat Advanced Persistent Threats.
An in-depth training on Lock Picking. Learn to use the tools to perform this critical penetration test function. Tools and instruction will be provided to attendees at the conference. Includes: Lock Pick Set, Test Locks, Instruction Materials.
A look at the recent high-profile attacks against the State of Utah. A discussion of how the attacks happened, processes both effective and ineffective used during the incidents, and the lessons learned we think are important to share with the rest of the State.
Learn about a mix of deceptive tactics to bypass physical and social human perimeters. Get your hands wet with Arduino hardware and client side attacks.
Cybersecurity training is an important issue for everyone. We will discuss the options you have available to you, and some cool ideas we have to make it even better.
We have finally talked Miles into sharing his deepest and darkest security secrets!!
Our first ever Black Badge defender will guide us down a pathway of culinary bliss!! Oh and he will probably talk about some cool security stuff as well.
The TCP/IP Swiss Army Knife! Learn how to build custom network TCP / UDP connections, redirect shells, create backdoors, TCP relays, and much much more.
An introduction to network security monitoring using the Security Onion Linux distribution. We'll install multiple Snort sensors and dive into malicious packet captures using built-in tools including: Snorby, Sguil, Squert, and Xplico.
An overview of the Def Con conference and the security bombshells which made their way into the public domain.
We will cover the last 12 months of Miscreant Trends and Tactics. A lot has changed in the past year, and the targeting of information has begun to shift to new methods. We will explore these methods and discuss ways to protect yourself and your organizations from the threats.
Our friends at the FBI will discuss with us the proper ways and situations to involve Law Enforcement in incidents on your networks. We will also have an opportunity to learn about what Law Enforcement is doing in the cyber security arenas and how the UtahSAINT community can properly assist in this mission.
We will dive into the specific configurations and methods used to secure your Cisco Routers and Switches. This is especially valuable for those of you running infrastructure in an environment where they are not hiding behind a firewall, or otherwise have semi-public traffic.
Something new is coming...
We have been developing another interesting tool at UEN to help monitor the network. We think you might think it's interesting too. We will show you what it is during this presentation.
We will introduce the IlliniCloud to members of the SAINT community, covering the use of disaster recovery, Software-as-a-Service, Infrastructure-as-a-Service, and online file storage and syncing in the IlliniCloud. We will discuss security measures we employ to secure data in the cloud. Background info: The IlliniCloud is a co-op of schools who came together and formed their own community cloud. Today there are 300+ schools and government agencies represented. We have won numerous awards including SNW's 2011 Best Practices in Virtualization and Cloud Computing.
In a world where people always forget to secure their protocols, we find that nearly all home Wifi routers are vulnerable to a brute force attack against the Wifi Protected Setup *feature*. This talk will discuss how WPS works and why it's vulnerable. We will also walk through a demonstration of how to attack your neighbors for fun, no profit, and possibly jail time. Oh, and we'll show you how to protect yourself, because that is the whole point of this topic isn't it? **Bring your promiscuous wifi adapters and laptops**
Bluetooth packet sniffing is getting a makeover in the VERY near future. In the past, Bluetooth sniffing has never been an easy task for anyone who doesn't have thousands of dollars to spend on equipment. However, these days, there is a project in the works that will likely put the power of Bluetooth sniffing in the hands of those with just a couple hundred dollars. It's called the Ubertooth One. This presentation will discuss the current development of the Ubertooth One as well as how it can be used to sniff Bluetooth packets.
Dive into the magnificent realm of PHP and scribe your web applications with security and the greatest of confidence. Impress blokes, bosses, supervision, co-workers and those down at the pub with the bee's knees new skills that will keep them wondering how you can know your way so well around a technical spanner. You may feel like a tosser now but after this class you will know coding from A to Zed and will leave those around you gobsmacked! We will use XAMPP. A tad bit of knowledge of PHP on your part will come in handy.
Things you can learn about your users' passwords with a $1000 system and 6,000,000 exposed hashes.
If you are providing Video Surveillance for your organization, you will want to attend this session as we will discuss items such as proper protocol for who can view archived video on the system, rules for posting notifications of video surveillance, GRAMA issues, etc.
Yes, there will be a Hackers Challenge Game for those of you that need a reason to not pay attention to the con.
Come prepared to use your hacker's thinking cap. The puzzles are more crazy than ever. You may also find one or two that are similar to years past coming back to haunt you.
Here is the Challenge:
FWOSE SOSEHU US.OI.Z OHDSTH FNPER THYUNAE ROEOTOI EUSEACOSGNR TCSFE UGX ZIGFHUEHDO HAIARLUTZ TIOAWTILA ONT LSDRPLE SRLIHNEN SSHLTBEAEWT WLLETTD EEETHEOR.HEA ELF.TZ OEMHEAU TGERRN NOTEI FTAENBT OORADGE LRRS YHDSYLTFT ENSEEL IA2 OENEOEHTOYDLMDOT I5 UCELUTI HTOPAE TWSS .
Hint #1: I hate whitespace too.
Hint #2: http://www.youtube.com/watch?v=VMitkRc5jHA
Hint #3: Frequency Analysis might tell you more about this data. http://en.wikipedia.org/wiki/Frequency_analysis
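An added example, not part of the original challenge or written by the conference organizers: it applies Hint #1 (drop whitespace) and Hint #3 (frequency analysis) to the challenge text. A cipher that only rearranges letters keeps English letter counts, so chi-squared stays low; one that relabels letters keeps the index of coincidence but pushes chi-squared up. `SAMPLE` and `caesar()` are constructed here purely as a baseline for comparison.

```python
import string
from collections import Counter

# Approximate English letter frequencies in percent, A..Z (standard reference table).
ENGLISH = dict(zip(string.ascii_uppercase, [
    8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15, 0.77, 4.03, 2.41,
    6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06, 2.76, 0.98, 2.36, 0.15, 1.97, 0.07]))

# Challenge text exactly as printed on the page.
CHALLENGE = (
    "FWOSE SOSEHU US.OI.Z OHDSTH FNPER THYUNAE ROEOTOI EUSEACOSGNR TCSFE UGX "
    "ZIGFHUEHDO HAIARLUTZ TIOAWTILA ONT LSDRPLE SRLIHNEN SSHLTBEAEWT WLLETTD "
    "EEETHEOR.HEA ELF.TZ OEMHEAU TGERRN NOTEI FTAENBT OORADGE LRRS YHDSYLTFT "
    "ENSEEL IA2 OENEOEHTOYDLMDOT I5 UCELUTI HTOPAE TWSS .")

# Constructed English sample used as a baseline (not from the page).
SAMPLE = ("FREQUENCY ANALYSIS COUNTS HOW OFTEN EACH LETTER APPEARS IN A MESSAGE "
          "AND COMPARES THE RESULT WITH THE EXPECTED DISTRIBUTION OF THE LANGUAGE")

def letters(text):
    """Uppercase the text and keep A-Z only (drops whitespace, digits, dots)."""
    return [c for c in text.upper() if c in ENGLISH]

def index_of_coincidence(text):
    """Chance that two letters drawn from the text match; about 0.067 for English."""
    seq = letters(text)
    n = len(seq)
    return sum(k * (k - 1) for k in Counter(seq).values()) / (n * (n - 1))

def chi_squared(text):
    """Distance of observed letter counts from English; lower means closer."""
    seq = letters(text)
    counts, n = Counter(seq), len(seq)
    return sum((counts[c] - n * p / 100) ** 2 / (n * p / 100) for c, p in ENGLISH.items())

def caesar(text, shift):
    """Constructed comparison: a simple substitution that relabels every letter."""
    a = string.ascii_uppercase
    return text.upper().translate(str.maketrans(a, a[shift:] + a[:shift]))

def profile(text, top=6):
    """Return (most common letters, index of coincidence, chi-squared)."""
    common = "".join(c for c, _ in Counter(letters(text)).most_common(top))
    return common, round(index_of_coincidence(text), 4), round(chi_squared(text), 1)

if __name__ == "__main__":
    for name, text in [("sample", SAMPLE), ("sample reversed", SAMPLE[::-1]),
                       ("sample shifted", caesar(SAMPLE, 3)), ("challenge", CHALLENGE)]:
        print(f"{name:16}", profile(text))
```

Compare the challenge row against the three baseline rows to see which kind of cipher its statistics resemble.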