Recommended Talks
Clifford Stoll Revisits The Cukoo’s Egg
One of my favorite conference keynotes – Cliff Stoll in all of his eccentricity and enthusiasm revisiting the original slidedeck he used to describe the ‘Cuckoo’s Egg’.
Carmen Medina on Intelligence Analysis
An excellent discussion of the need for critical thinking in intelligence analysis –along with a healthy dose of skepticism regarding over-adherence to models.
Rob Joyce on Making TAO’s Life Harder
Who better than the director of NSA’s Tailored Access Operations to talk about meaningful measures that complicate the lives of APT operators?
Costin Raiu on Malware Paleontology
My friend and mentor Costin Raiu discusses APT research as malware paleontology along with interesting findings of code similarity analysis and other novel approaches.
Vitaly Kamluk’s YARA Black Magic (Part 1)
While there are a few notable YARA masters, no one has made our favorite tool bend to their will quite as impressively as Master Vitaly. This talk not only teaches how to use YARA for interesting hunting but also uses YARA to output his slide deck.
Vitaly Kamluk’s YARA Black Magic (Part 2)
I haven’t been able to locate a full video of the sequel to Master Vitaly’s YARA presentation… the video above is a spoiler of the grand finale –where he uses 0-day exploit in YARA to play DOOM.
Dan Geer on the Realpolitik of Cybersecurity
There are few living speakers whose words reward deep thought, pause, and revisiting –much less so in our field. Dan Geer is the exception.
Francisco Donoso dives into DSz
An excellent deep dive into the myriad capabilities of the Equation Group’s DanderSpritz (DSz) post-exploitation framework. Francisco also maintains excellent public documentation for this DSz.
Nicholas Weaver tears cryptocurrency to shreds.
This podcast is a masterful breakdown of the impracticalities, self-delusions, externalities, and perverse incentives of the cryptocurrency space.
Trevor Paglen’s Six Landscapes
An artist’s view on the overt infrastructure that supports covert operations.
NSA Operation ORCHESTRA Annual Report
A brilliant premise– an NSA analyst walks into the wrong room to provide an annual report on an operation to infiltrate the open-source security community and warp it for NSA’s purposes.