It's time...


Securi-Tay is an information security conference held annually at Abertay University, organised by Abertay University's Ethical Hacking Society. This year's edition will welcome over 350 attendees and marks the eleventh annual Securi-Tay, Europe's largest student-run information security conference.

Securi-Tay runs across three separate tracks and welcomes talks from both seasoned professionals and first-time speakers! Additionally, there are spaces available to host workshops in a separate workshop village throughout the day.


Securi-Tay would not be possible without the support and generosity of our sponsors; attendees will have the opportunity to network with some of our sponsors in the main exhibition space throughout the event.


This year the conference will be run on Friday 3rd of March at Abertay University.

Attendees of Securi-Tay must abide by the Abertay Hackers Code of Conduct which can be found here.

Unfortunately, tickets are now sold out.

Sponsors


Schedule


Times Track 1 Track 2 Track 3 Workshops
0845 Registration
0945 Opening Remarks
The Committee
1000 Opening Keynote: Practical VoIP/UC Hacking Using Mr.SIP: SIP-Based Audit & Attack Tool
Melih Tas
1100 Digital Forensics: Samsung + regex = heat
Ian Ferguson
Circle of Failure: Why the Cyber Security Industry Doesn't Work
Richard Hollis
Phishing in the Age of Skynet: Cybersecurity and the Threat of Machine Learning
Marc Kydd
Deception Engineering with Open Source Canaries
Casey Smith and Jacob Torrey
Spec Driven Research for Fun and Profit
Rory McCune
1200 Protecting Power: Cyber Security in the Energy Industry
Kinga Kieczkowska
I Have No Idea What I'm Doing
Sean Wright
The Puppet Master's Strings
Ciaran Byrne
Demystifying Process Injection
Keith Learmonth
1300 Lunch
1400 Blackpill or Redpill?: The Secret Lives of Incels
Tia
Demonstrating Actionable Value: Why the Business Hates Pentesters
Andy Gill
Are the UK's data laws still fit for purpose?
George Brightman
Modern macOS Malware
Michael Jack
1500 Collecting Contextual Intelligence at Scale Using Cyber Deception
Xavier Bellekens
Hey Securi-Tay 2023 - Choose Your Own Talk
David McKenzie
Dumb ways to Cryptographic Failures
Abrar Khan
Reverse Engineering 101
Declan Woodham
UFOSINT Open Source Intelligence and Unidentified Aerial Phenomena
Isaac Basque-Rice
1600 What is real media anymore?
Corey Forbes
A Penetration Tester Had a Job AI AI – OH… ☹
Daniel Cannon
From 2nd Year Ethical Hacking Student to Security Analyst. What does a SOC Analyst actually do?
Anna Mazurkiewicz
Honeyyy Trap - A bad day for a threat actor
Dónnan Mallon
1700 Break
1715 Closing Keynote: Growing as an MSSP SOC: Encounters from the front lines
Danny Henderson and Stanislav Dimitrov
1815 Closing Remarks
The Committee
1830 After Party
WithSecure

Registration

Registration will be in the foyer of the cyberQuarter. Follow the signs and volunteers to sign in and collect your free swag!

60 mins

cyberQuarter Foyer

Opening Remarks - The Committee

A brief welcome and introduction to the conference.

60 mins

All Tracks

Opening Keynote: Practical VoIP/UC Hacking Using Mr.SIP: SIP-Based Audit & Attack Tool - Melih Tas

In this talk, we will introduce the most comprehensive offensive VoIP security tool ever developed so far, Mr.SIP (comprehensive version). We will make common attack scenarios demonstration using Mr.SIP in our security laboratory. Furthermore, we will also introduce novel SIP-based attacks using the vulnerabilities we found in the SIP retransmission mechanism and reflection logic.

About Mr.SIP: Mr.SIP is developed to assist security experts and system administrators who want to perform security tests for VoIP systems and to measure and evaluate security risks. It quickly discovers all VoIP components and services in a network topology along with the vendor, brand, and version information, and detects current vulnerabilities, and configuration errors. It provides an environment to assist in performing advanced attacks to simulate abuse of detected vulnerabilities. It detects SIP components and existing users on the network, intervenes, filters, and manipulates call information, develops DoS-type attacks, breaks user passwords, and can test the server system by sending irregular messages.

Status-controlled call flow and the ability to bypass anomaly systems stand out as Mr.SIP’s unique aspects. It also has strengths and competencies in terms of advanced fake IP address generation, fuzzing, password cracker, interactive inter-module attack kit, and MiTM features.

60 mins

All Tracks

Digital Forensics: Samsung + regex = heat - Ian Ferguson

This talk will describe some recent experiences of doing a live digital forensics investigation in collaboration with Police Scotland. The investigation involved the need to examine an Android mobile phone to determine whether or not a particular game was in use on the phone at a certain time. I'll describe the thought process that lead to the discovery of a new source of DF evidence and the programming techniques and thinking required to find and extract it.

60 mins

Track 1


About Ian Ferguson

Ian Ferguson has been doing Digital Forensics for longer than he wants to remember but he still thinks he's a software engineer.

Circle of Failure: Why the Cyber Security Industry Doesn't Work - Richard Hollis

If the cyber security industry was established to prevent breaches – it has failed miserably. Last year over 8 billion records were reported compromised. Not good. The World Economic Forum recently included cyber-attacks, data fraud and information theft in their Top 10 list of risks considered either most likely to occur, most impactful should they occur, or most concerning for doing business globally. Also, not good. Clearly the cyber security industry is not up to the job. The presentation is a frank assessment of how and why our vendors, service providers and businesses have failed to meet the fundamental challenges of cyber security.

60 mins

Track 2


About Richard Hollis

Richard Hollis is the Director of Risk Crew, a London-based cyber security risk management consultancy. A recognised industry authority and celebrated speaker he has presented to hundreds of audiences across the world and appeared on national and international broadcast news shows as well as being cited in a wide range of press including the BBC, MSNBC, Radio 4 and the Financial Times, Time magazine and various others.

Phishing in the Age of Skynet: Cybersecurity and the Threat of Machine Learning - Marc Kydd

Over the past decade, machine learning has gone from niche curiosity to dominating every aspect of our lives. It helps us navigate, translate, and communicate. It helps us connect with others, be entertained, and remain productive. But while swept up in the hype, it can be easy to overlook the increasing risk that such systems pose - especially for cybersecurity.

This talks looks at the ways machine learning has gradually crept into our lives and how these systems are likely to, and in some cases are, completely reshaping the threat landscape - making it impossible to distinguish friend from foe.

30 mins

Track 3


About Marc Kydd

Marc is a PhD student working on Machine Learning and Usable Security. His research focuses on utilising natural language processing to counter fraud and deception online. He previously worked on misinformation detection and prevention.

Spec Driven Research for Fun and Profit - Rory McCune

In security research we are always trying to find interesting ways to poke at tech. in ways that'll produce security bugs. Whilst there are lots of tools at our disposal, one that doesn't always get enough attention, is reading specification documents. Often times these are designed by groups of people with different goals and can leave holes that make for interesting bugs.

This talk will try and get past all the SHOULDs and MUSTs and present a real-world case of how reading specs can lead to interesting research topics.

30 mins

Track 3


About Rory McCune

Rory has worked in the Information and IT Security arena for the last 22 years in a variety of roles in information security and penetration testing. These days he spends his work time on container and cloud native security. He is an active member of the container security community having delivered presentations at a variety of IT and Information security conferences. He has also presented at major containerization conferences and is an author of the CIS Benchmarks for Docker and Kubernetes and main author of the Mastering Container Security training course which has been delivered at numerous industry conferences including Blackhat USA. When he's not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.

Deception Engineering with Open Source Canaries - Casey Smith and Jacob Torrey

What can defenders do to prepare their networks in advance of an intrusion? How can they increase the likelihood of detecting adversaries in their organization? Honeypots have played a crucial role in detecting actual attacks over the years. This training will allow participants to explore free services like Canarytokens and OpenCanary. We will work through example case studies where Canarytokens or OpenCanary can work to detect unauthorized activity, despite all the other defensive products deployed. We also present ideas on how adversaries may alter behavior in the face of actual or perceived tripwires. How might an adversary change their approach, when they suspect they are operating in a network with many possible traps? This training offers lots of hands-on labs, and real-world practical examples.

120 mins

Workshops


About Casey Smith and Jacob Torrey

About Casey:
Casey Smith is a Senior Security Researcher at Thinkst Applied Research. He enjoys continually working to understand and evaluate the limits of defensive systems. He led the development of Atomic Red Team, an open-source testing platform that security teams can use to assess detection coverage. His background includes security analysis, threat research, penetration testing, and incident response. Casey has spoken at several security conferences. DerbyCon, Shmoocon, BlackHat USA, BlueHat, BlueHat IL, and Troopers.

About Jacob:
Jacob is the Head of Labs at Thinkst Applied Research. Prior to that he managed the HW/FW/VMM security team at AWS, and was a Program Manager at DARPA's Information Innovation Office (I2O). At DARPA he managed a cyber security R&D portfolio including the Configuration Security, Transparent Computing, and Cyber Fault-tolerant Attack Recovery programs. Starting his career at Assured Information Security, he led the Computer Architectures group performing bespoke research into low-level systems security and programming languages. Jacob has been a speaker and keynote at conferences around the world, from BlackHat USA, to SysCan, to TROOPERS and many more. When not in front of the computer, he enjoys trail running, volunteering as a firefighter/EMT, and hiking with his family.

Protecting Power: Cyber Security in the Energy Industry - Kinga Kieczkowska

This talk will introduce the audience to the cyber security landscape of the energy industry. I will cover the past, present and future of cyber security in the energy sector, including the following topics:

- What is the threat model of an energy company? What are their security priorities?
- Notable breaches and cyber attacks in the energy sector
- Telling the story of a few of the most notable cyber attacks in recent history (Petya/NotPetya in Ukraine, Colonial Pipeline in the US)
- Regulatory & compliance response
- What are the governments doing to ensure the cyber security of the grid?
- Future predictions and forecasts
- How is energy sector’s cyber security going to evolve in the coming years?

60 mins

Track 1


About Kinga Kieczkowska

I am a cyber security professional with a few years of quite varied experience. I went from being a security engineer, to security analyst, and I’m currently working as a cyber security specialist for a renewable energy startup. After hours I like to dabble in MacOS forensics and sometimes even blog about it.

I Have No Idea What I'm Doing - Sean Wright

Follow the tails of an Application Security Engineer trying to keep up with the latest technology and threats.

Technology continues to move at a rapid pace. And none more so than in cybersecurity. To make matters worse, it's a constant cat and mouse game with our arch nemesis, the attackers. It can feel like a never ending challenge (unfortunately it kind of is). But one that is manageable, and can even be fun!

Come join my talk to and hear about my journey as an Application Security Engineer trying their best to keep up to date. I will share some of the things that I've learnt along the way. Some of the things that I've found helpful, as well as the things that I haven't.

60 mins

Track 2


About Sean Wright

Experienced application security engineer with an origin as a software developer. Primarily focused on web-based application security with a special interest in TLS and supply chain related subjects. Experienced in providing technical leadership in relation to application security, as well as engaging with teams to improve the security of systems and applications that they develop and maintain. Passionate to be a part of the community and giving back to the community. Additionally, enjoys spending personal time performing personal security-related research.

The Puppet Master's Strings - Ciaran Byrne

Conducting cyber attacks can be a hassle, with attackers leaving a breadcrumb trail of evidence. To combat this, many Red Teams turn to Command and Control frameworks (C2) for assistance. C2 frameworks allow for remote access and control of compromised systems, data exfiltration, and ongoing undetected attacks. In this talk, we will delve into the various capabilities of C2 frameworks, such as communication through different internet protocols, network obfuscation techniques using encryption and encoding, and client-side obfuscation for maintaining the presence of agents in memory.

30 mins

Track 3


About Ciaran Byrne

I'm an Abertay Ethical Hacking student interested in cyber security's offensive and defensive sides. With a strong background in computer networking and an interest in windows active directory, studying and understanding networking from an attacker's point of view to stay hidden and from a defensive point of view to hunt threats has been my thing for the last few years.

Demystifying Process Injection - Keith Learmonth

Process injection is a technique seen in almost every major network attack in recent years, and has been a ubiquitous component of every major post-exploitation framework as well, from Cobalt Strike to Metasploit's Meterpreter. However, it can be easy to take process injection for granted without understanding the details of what is actually occurring.

This talk aims to give an brief insight into how this tactic actually works, covering the basics of how windows processes are formed and how some major malware and hacking tools take advantage of legitimate tooling to bypass common defense tools and escalate privileges.

30 mins

Track 3


About Keith Learmonth

Currently working within the Incident Response team at Secureworks. Abertay Graduate, class of 2016.

Blackpill or Redpill?: The Secret Lives of Incels - Tia

Content Warning: This talk will discuss sensitive topics such as suicide, mental health and sexual violence.

Do you know your chad from your gymcel? Do you know what KTHHFV stands for? Know who Elliot Rodger is? If not, don't worry - this talk will tell you all you need to know about these not so friendly internet neighbours.

In this talk we’ll discuss what the ‘manosphere’ ecosystem is, the rise of the ‘incel’ and surrounding internet culture, how radicalisation is being made easier using the internet and why the incel movement is considered a legitimate terror risk.

60 mins

Track 1


About Tia

Tia is a young cybersecurity professional, having recently graduated from university. She is passionate about educating people about being safe online and highlighting the weird and unusual spaces of the internet.

Demonstrating Actionable Value: Why the Business Hates Pentesters - Andy Gill

Having performed many pentests over the years and spoken with lots of different types of folks in business one theme has always been apparent. For the most part the business hates techies, pentests are just a thing to be done and nobody wants to employ security from the ground up, it’s an inconvenience. In this talk I aim to deep dive some of the key things that we as consultants can do to bring greater value to businesses and avoid the common mistakes that folks make, I will also explain essential areas where extra value can be added as a pentester which will hopefully help folks looking to get into his sphere.

60 mins

Track 2


About Andy Gill

Andy has worked in the security industry for over a decade, primarily focused on offensive security and threat intelligence research. In his free time he can be found exploring the roads of Scotland with his car and the skies with his drones.

Are the UK's data laws still fit for purpose? - George Brightman

The talk will discuss how the UK's data laws are no longer fit for purpose and how they need to be better understood by everyone. The talk will look at how there are many repeat offenders of data law breaches and what common mistakes are made.

30 mins

Track 3


About George Brightman

3rd Year BEng(Hons) Cybersecurity & Forensics student at Edinburgh Napier Univeristy. Para-kayaker and amateur radio host. Have an interest in the legal side of computing and data.

Modern macOS Malware - Michael Jack

A whistle stop tour of modern (2019 - 2023) macOS malware’s favourite techniques.

30 mins

Track 3


About Michael Jack

Former AbertayHackers Vice Gaffer. Purveyor of macOS security & rum. War Studies postgrad Terrorism, Radicalisation & British intelligence.

Collecting Contextual Intelligence at Scale Using Cyber Deception - Xavier Bellekens

How do you build a contextual threat intelligence power house at scale. What happens when you deploy deceptive assets in different geographical locations to collect threat data for years. How do you identify human threat actors, and can you trick adversaries to interact with your decoys? In this talk, I will answer all of these questions and more & provide an overview of the lesson learned.

60 mins

Track 1


About Xavier Bellekens

Xavier Bellekens is the CEO and co-founder of Lupovis.io a cyber-deception startup, and a Nonresident Senior Fellow of the Scowcroft Center for Strategy and Security at the Atlantic Council. Previously, Xavier was an Assistant Professor at the University of Strathclyde and Abertay University. Xavier is also the Chair of the Cybersecurity Group for IEEE UK and Ireland.

Hey Securi-Tay 2023 - Choose Your Own Talk - David McKenzie

Career advice, war stories, opinions and interaction.
This talk lets YOU choose from a multitude of topics, this is your adventure – you decide.

Topics Include (but REALLY not limited to):
Worst incident ever
Red team or blue team
Degrees and Certs
What makes a good SOC Analyst
Profiting from fear and misery
At this point should I be laughing or crying
What do you do when someone steals your talk and gives it at the very next conference

Always different, always interactive, including dragging people on stage to help with the talk and the occasional Nerf demonstration…

60 mins

Track 2


About David McKenzie

Cyber, IT, Geek, may or may not be Batman, generally doer of good deeds. Experienced in all things blue team, incident responder and leader.

Career:
Now: Cyber Security Operations Director @ National Grid,
Previously: Head of Managed Security Services,
Principal Consultant in Managed Services,
Senior Technical Consultant, and Senior Incident Responder

Other Stuff:
Director and Founder - Cyber Increment Ltd
Co-Founder The Cyber Community
UK Chapter Lead - CSIRT.Global

Dumb ways to Cryptographic Failures - Abrar Khan

Cryptographic failures are a major security risk listed as the 2nd highest in the OWASP top 10. These failures occur due to a variety of reasons such as weak encryption algorithms, poor key management, implementation errors, and side-channel attacks. For example, using outdated encryption algorithms and poor key management can lead to the loss of protected information. Implementation errors and side-channel attacks can also make a cryptographic system vulnerable to attacks. Overall, cryptographic failures occur due to a lack of adherence to guidelines and best practices in the use and implementation of cryptographic techniques.

30 mins

Track 3


About Abrar Khan

Abrar Khan is a technology and cybersecurity enthusiast with a passion for learning and exploring new ideas. He is currently an Ethical Hacking Master's student at Abertay and is always open to exchanging knowledge and seeking out opportunities to apply what he learns in a practical and meaningful way. He believes that staying curious and engaged is key to maintaining a healthy mind and heart.

UFOSINT Open Source Intelligence and Unidentified Aerial Phenomena - Isaac Basque-Rice

UFOs, or more accurately UAPs (Unidentified Aerial Phenomena) have been a hot topic of conversation for many years now. In the popular imagination this kind of thing is normally reserved for conspiracy theorists and 'documentaries' on the History channel, however in recent years they have become an area of much serious discussion amongst scientists and various military organisations around the world. In this talk I'll go over some of the OSINT techniques used to debunk UFO conspiracies, as well as outlining some of the cases for which there is no conclusive explanation one way or the other (probably not aliens though).

30 mins

Track 3


About Isaac Basque-Rice

I'm a 4th year Ethical Hacking student at Abertay with interests in Threat Intelligence, Reverse Engineering, IoT technologies, and, of course, OSINT.

Reverse Engineering 101 - Declan Woodham

Interested in getting your hands on the bytes behind the binary? Reverse Engineering is the key to any vulnerability research project. This two-hour beginner workshop will teach you how to crack open native binaries and peer inside using Ghidra. Through a combination of slides and practical exercises pulled from our internal labs, with a 'zero to zero-day' approach, we are going to you started on your reverse engineering journey.

120 mins

Workshops


About Declan Woodham

Declan is an experienced vulnerability researcher at Interrupt Labs. In his career, he has focused primarily on mobile and embedded devices, looking for vulnerabilities and zero days within their underlying security architecture. A previous Abertay Ethical Hacking graduate, his technical background spans a wide range of topics, from reverse engineering to hardware hacking and vulnerability research.

What is real media anymore? - Corey Forbes

F*ck Disinformation. We all consume digital media daily, from the 6 O'Clock news, to your friends latest Instagram post or even the photo's printed in the free copy of the Metro. Doesn't matter how it gets to you in the end at some point that media was digital and that opens the opportunity for a digital touch-up for eye bags or a disastrous video of a political rival. In this talk I'd like to dive into what can be done to catch the mischievous edits and the deep-fakes alike.

60 mins

Track 1


About Corey Forbes

I work with a brilliant team at OpenOrigins where we are building a new social media platform called Frankli and establishing the foundations of a new Media Trust layer for the internet. I'm an Abertay grad who used to do pen testing and security training at MWR/F-Secure. In my spare time I enjoy playing with Raspberry Pi's and try to keep active with bouldering and the gym which is counteracted by my love of cooking.

A Penetration Tester Had a Job AI AI – OH… ☹ - Daniel Cannon

Unique live demonstrations will use audience interaction to determine how AI can be used to create and develop a never-before seen tool to achieve a goal. With audience participation, we will explore how AI can be used to increase the capability of penetration testers, and how a mastery of the core cyber security fundamentals will become more important than ever.

60 mins

Track 2


About Daniel Cannon

An enthusiastic and determined individual, Dan has spent over a decade working in the cyber security industry. Dan has been a pentester, a consultant, the head of a pentesting team of 30, a global head of technical assurance, a trainer, and much more.

Throughout his career he has always been keen to share knowledge and teach tradecraft to those working their way up and finding their niche. As a professional with extensive practical experience, Dan knows what skills are required to be successful in this industry.

When not delivering security consultancy services or training, Dan enjoys focussing on community outreach programs that teach students the skills needed to join the industry as well as working with military veterans transitioning into a civilian career in cyber security

From 2nd Year Ethical Hacking Student to Security Analyst. What does a SOC Analyst actually do? - Anna Mazurkiewicz

Having experienced half of the Ethical Hacking degree at Abertay and what it actually involves, I would like to talk about what I currently do in my job as a Security Analyst and how I got into cybersecurity in the first place. Not many students are exposed to the wide spectrum of what each job role in this industry is all about, so this talk will address one example. We will explore some of the tools we use, what a day in the life of an Analyst entails as well as some useful tips for students (seeing how I'm still one too - this is all very relevant and relatable!).

30 mins

Track 3


About Anna Mazurkiewicz

Graduate Apprentice Security Analyst, now in her 3rd year of a Cybersecurity Degree. Malware enthusiast who apart from cybersecurity, is really into travelling and outdoor adventures, such as hiking, skydiving etc.

Honeyyy Trap - A bad day for a threat actor - Dónnan Mallon

Honey pots have been a useful method of detecting and deceiving threat actors for many years. I'll be discussing an overview of what they are, how it can help an organisation get ahead of an attackers movement before it's too late and presenting a honeypot in action.

30 mins

Track 3


About Dónnan Mallon

I'm a security analyst that's been in the industry for over two years. I enjoy all things blue team related as well as hobbies including hiking/camping, reading, gaming and going to gigs.

Closing Keynote: Growing as an MSSP SOC: Encounters from the front lines - Danny Henderson and Stanislav Dimitrov

Quorum Cyber will present an overview of Managed Security Service Providers (MSSP), what they do and what it is like to work for one of the UK’s fastest growing MSSPs. The keynote will cover what a Security Operation Centre (SOC) is, how they work, different types and history. Furthermore, the talk will expand on QC's personal experience of growing their SOC and dealing with the challenges of operations.

60 mins

All Tracks


About Danny Henderson and Stanislav Dimitrov

About Danny:
Danny joined the Abertay MSc Ethical Hacking course in 2015 after being intrigued by the network security aspect of his bachelor’s degree at RGU. His cybersecurity journey has seen him work in various SOC's and CSO functions in Edinburgh's financial sector. He is now part of the SOC management team at Quorum Cyber. Every day in operations is a new challenge which he really enjoys!

About Stan:
Stan started his journey in cybersecurity in Abertay, where he graduated in 2018 from the Ethical Hacking course. Since then he has been part of several SOCs both internal and MSSP. He's been through several roles and currently is serving as a senior security analyst in Quorum. He loves challenges and has a great desire to improve everything he touches.

Closing Remarks - The Committee

A few words to conclude the day and thank everyone who made it possible

60 mins

All Tracks

After Party - WithSecure

Sponsored by WithSecure, join us for a few drinks and lots of awesome chat!

???

The Barrelman

Directions


The University's address is Bell Street, Dundee, Scotland, DD1 1HG.
The closest train station is Dundee Station.
The closest airports are Dundee Airport and Edinburgh Airport.
If you are driving, the closest parking lot is the multi-story Bell Street Car Park

Click for a map!