Dr. Melanie Rieback is the CEO/Co-founder of Radically Open Security, the world’s first non-profit computer security consultancy company. It’s a collective of hackers who aim to disrupt the computer security market with their ideals — give 90% of profits to charity (the NLnet Foundation), release all their tools as open source, invite customers to actively participate, and generally optimize for openness, transparency, and community service.
Melanie is also a former Assistant Professor of Computer Science at VU, where she performed RFID security research (RFID Virus and RFID Guardian) that attracted worldwide press coverage and won several awards (VU Mediakomeet, ISOC Award, NWO I/O award, IEEE Percom Best Paper, USENIX Lisa Best Paper). Melanie worked as a Senior Engineering Manager on XenClient at Citrix, where she led their Vancouver office. She was also the head researcher in the CSIRT at ING Bank, where she spearheaded their Analysis Lab and the ING Core Threat Intelligence Project. For fun, she co-founded the Dutch Girl Geek Dinner in 2008.
Melanie was named 2010 ICT Professional of the Year (Finalist) by WomeninIT, one of the 400 most successful women in the Netherlands by Viva Magazine (Viva400) in 2010 and 2017, one of the fifty most inspiring women in tech (Inspiring Fifty Netherlands) in 2016 and 2017, and the Most Innovative IT Leader by CIO Magazine NL (TIM Award) in 2017. Her company, Radically Open Security, was also named the 50th Most Innovative SME by the Dutch Chamber of Commerce (MKB Innovatie Top 100) in 2016.
Spearphishing is a known tactic, but how about using spam as a phishing vector? This presentation introduces “phishing spam”, an open-source Spearphishing Toolkit. The need, process and methods used for spearphishing are illustrated through an actual client case from Radically Open Security. The case has a surprising ending with an ethical + philosophical twist. This is the kind of story that only comes from the trenches.
This demo is custom-built to match the level of the participants. Melanie will set up a hacking environment in which the participants take part in a custom hacking challenge, battling in teams. Besides hacking challenges, this demo can be adapted for beginners with challenges like lock picking.
We have all received an e-mail with a suspicious link or attachment. During this demo Melanie will show what the consequences are if you click on a malicious link in an e-mail. She will tell participants more about how hackers use cross-site scripting and the Browser Exploitation Framework (BeEF) tool. Using the same tools, Melanie will demonstrate how she can make webpages dance on your screen, turn the webcam on and sniff passwords.
We have entered the era of President Trump. Activists, NGOs, and charities thus need to reexamine the stability of (and motives behind) their funding sources. Surprisingly, business is an excellent tool that one can leverage to change the system. While business is not perceived as sexy by most activist-types, this talk will explain why social enterprises are tactical, lightweight, independent, effective, and why they are now more important than ever.
This presentation introduces the concept of the Nonprofit Company (based upon the Dutch concept of a Fiscal Fundraising Institution). Melanie Rieback is the CEO/Co-founder of Radically Open Security, the world’s first non-profit computer security consultancy company. She will present a few case studies (in the IT industry), and provide a number of compelling reasons why your next startup should be… not-for-profit!
Both startups and multinationals cling to outdated reasons for proprietary business models: “competitors will steal our stuff”, “services aren’t scalable”, “corporate customers won’t take us seriously if our product is free”. However, in the modern world of Uber+AirBNB and DevOps-style BizDev, these assumptions no longer apply. This talk will explain why open-source is the best way for your company to achieve disruptive success in your industry.
Having a strong password is part of securing your data. In this demo Melanie will explain the theory behind passwords and what a strong password or passphrase means, and she will show how she can crack actual passwords given by participants of the demo.
In this talk Melanie Rieback introduces the basics of Pentesting ChatOps, and will discuss the processes and open-source tools needed to enable Pentesting ChatOps within your own organization.
ChatOps, a concept originating from GitHub, is chatroom-driven DevOps for distributed teams, using chatbots (like Hubot) to execute custom scripts and plugins. We have applied the concept of ChatOps to the penetration testing workflow, and found that it fits outstandingly – for everything from routine scanning to spearphishing to pentest gamification. This talk discusses the tools that we use (Rocket.Chat, Hubot, GitLab, pentesting tools), and provides battle stories of using Pentesting ChatOps in practice.
In this custom-built demo, Melanie will set up a simulation with a war-like pentesting challenge. The red team will try to attack while the blue team has to monitor and defend. This interactive demo is a great way to learn more about the attacker mindset and how to defend yourself against attackers.
Nowadays we spend a lot of time behind our computers, which means our computers store a lot of data, including data we have forgotten about. Melanie will show how she can retrieve all kinds of unencrypted data, for instance passwords, from a (Windows) computer.
When it comes to IT assets: Is there a tension between security and openness? The prevailing wisdom is that there is. As Melanie Rieback explains, there needn’t be. Melanie discusses how open source methods and transparency help to improve security. Those who want to defend against cyberattacks should cooperate with each other, because the truth is attackers do too.
Public wi-fi access points are everywhere nowadays. In this demo Melanie Rieback will show how dangerous these widely available public wi-fi networks are. Using a ‘pineapple’ device, Melanie will show how she can collect data and interfere with how you surf the internet. During the demo you can connect your own device to the pineapple and see for yourself what others can see and do while you’re using public wi-fi.