This summer is shaping up to be rather action packed.
- BSides Pittsburgh is June 6th. I’m organizing this one, so hopefully it is good.
- BSides Cleveland is in July. I had attended the last one in 2012. I’m a little concerned about it being in a bar. I’ve heard negative things about ThotCon primarily being a drinking event rather than a learning event. In any case, I will be attending.
- BSides Las Vegas is in August.
- DEFCON is in August.
Pittsburgh should be interesting this summer. First is the report that Alcoa, ATI, U. S. Steel, USW, and Westinghouse were all breached in 2010. Now is a report that UPMC was breached. The banks were poaching talent and buying technology last year during Operation Ababil.
Major Tech News:
I’m not convinced Heartbleed is as big of a deal as the rest of the community is making it. Everything internet accessible that matters should have already been patched by this point. There will be vulnerable internal systems, but that is just another easy pivot for attackers to use. Most networks already have plenty of easy pivot points, adding some more doesn’t seem to significantly change the landscape.
I think Windows XP will be the big issue. Sure, Microsoft has patched some vulnerabilities, but I predict more this summer. Dropping malware on Windows XP systems this summer is going to be the big thing. This gets you in to the network.