Tag: HOUSECCON

HouSecCon Didn’t Keep Their Word.

rainmakerLeave a comment

I’m more than a little mad right now. I flew in the night before, showed up early,  and stayed all day waiting on deck to be needed. Not only was I never needed, no one said thank you. The worst part…i found out I was deliberately passed over for another speaker.

Take a look at these two images. Look at the dates.  What do you think the logical conclusion of something like this would mean…As being told I was first alternate, you’d think they’d fill the spot with the first alternate. Right? Wrong.

I get to the event, and they don’t have a badge for me. No speaker swag bag (or even attendee bag…though I also had an attendee ticket). In the end I ended up getting a badge and pack.  More than anything, it was an embarrassing experience. Poor speaker management indeed.

Honestly, the conference was nice. The speakers that did speak, spoke excellently. I met some fascinating people. If I weren’t screwed over so royally, I would have enjoyed attending. Unless I get an apology, I have no intention of attending HouSecCon (Houston Security Conference) again.

So lessons learned the last 24 hours.

  • How to submit a CFP…properly.
  • Only attend conferences as a speaker when they confirm you as a speaker.
  • Learn to walk away.

On the bright side, I’m confirmed to speak at BSidesOK tomorrow.
I’m looking forward to that!

Easy way to stop ransomware!

rainmakerLeave a comment

So I’m here today in Houston at HouSecCon.

Listening to Michael Gough he had a fantastic idea. It’s near impossible to retrain the end user from double-clicking. Rather we need to be smart and disassociate the malicious filetype with the underlying engine running it. This was done OOTB with .ps1 files. We should just do the same with all the other file types.  This can be done via group policy. For home users, this is not possible. So…I wrote a script to do this for you. Feel free to download it here. 

@echo off
echo ” ____ ”
echo ” | _ \ __ _ _ __ ___ ___ _ __ _____ ____ _ _ __ ___ ”
echo ” | |_) / _` | ‘_ \/ __|/ _ \| ‘_ ` _ \ \ /\ / / _` | ‘__/ _ \ ”
echo ” | _ < (_| | | | \__ \ (_) | | | | | \ V V / (_| | | | __/ ”
echo ” |_|_\_\__,_|_| |_|___/\___/|_| |_| |_|\_/\_/ \__,_|_| \___| ”
echo ” | __ )| | ___ ___| | _____ _ __ ”
echo ” | _ \| |/ _ \ / __| |/ / _ \ ‘__| ”
echo ” | |_) | | (_) | (__| < __/ | ”
echo ” |____/|_|\___/ \___|_|\_\___|_| ”
echo ” By: Andy Thompson”
echo ” www.MeteorMusic.com”
echo ” @R41nM4kr”

assoc .js=poss_bad
assoc .jse=poss_bad
assoc .wsf=poss_bad
assoc .wsh=poss_bad
assoc .hte=poss_bad
assoc .lng=poss_bad
assoc .ps1=poss_bad
assoc .cmd=poss_bad
assoc .bat=poss_bad
assoc .vbs=poss_bad
assoc .vbe=poss_bad
ftype poss_bad=c:\Program Files\Windows NT\Accessories\wordpad.exe %1

echo “Done! Have a great day!”

pause