IOActive’s Joshua Pennell and Barnaby Jack to present at SOURCE Barcelona

Pennell’s presentation will focus on the state of Smart Grid security and Jack will discuss software vulnerabilities discovered in Automated Teller Machines

Seattle, Wash—September 15, 2010. IOActive, a leading provider of software and hardware assurance, compliance, and smart grid security services, today announced that its Founder and President, Joshua Pennell, will present Smart Grid Security at SOURCE Barcelona. SOURCE Conference is the first and only conference that combines advanced technology and application security practices with the business of security in an intimate and manageable environment.

During his presentation, Pennell will highlight IOActive’s research that uncovered multiple programming errors and security vulnerabilities in smart meter devices. Pennell also will share best practices that meter vendors can adopt to mitigate these existing vulnerabilities, as well as develop more secure products in the future.

WHAT  Smart Grid Security

WHERE  Museu Nacional D’art de Catalunya, Barcelona, Spain.

WHEN  September 22, 2010. 10—10:50 am.

HOW  For more information, visit their website.

IOActive’s Director of Security Testing, Barnaby Jack, will present Jackpotting Automated Teller Machines at SOURCE Barcelona. His research goes beyond the more common physical attacks on Automated Teller Machines (ATMs) and reveals software-based attacks. He will demonstrate both local and remote attacks, and reveal a multi-platform rootkit. The rootkit was specifically designed for ATMs to give an attacker the ability to dispense cash from the machine, retrieve ATM passwords and settings, and retrieve tracking data remotely.

WHAT  Jackpotting Automated Teller Machines

WHERE  Museu Nacional D’art de Catalunya, Barcelona, Spain.

WHEN  September 21, 2010. 5:20—6:10 pm.

HOW  For more information, visit their website.

About Joshua Pennell
As IOActive's Founder and President, Joshua Pennell has an 11-year entrepreneurial track record of creating and maintaining a multimillion-dollar, customer-focused, independent global security services organization. Through Pennell's leadership, IOActive has emerged as one of the world's longest standing, highly technical boutique security consultancies with a history based on cutting-edge research and meritocratic governance.

Pennell serves on the advisory boards of Source, Vantos, and SiteScout. He is also the Chairman of IOActive's advisory board, which includes such computer industry luminaries as Steve Wozniak, Jim Reavis, and Jason Larsen. In years past, Pennell played an integral role in helping his team win DefCon's Capture the Flag competition for three consecutive years, followed by another three years of technically revolutionizing the competition before handing the game over to Kenshoto.

About Barnaby Jack
Barnaby Jack is IOActive’s Director of Security Testing, where he explores emerging threats, and ensures IOActive stays on the competitive edge and offers superior value. With over 10 years’ experience in security consulting and research, Jack has targeted everything from low-level Windows drivers to the exploitation of Automated Teller Machines. He has subsequently been credited with the discovery of numerous vulnerabilities, and published multiple papers on new exploitation methods and techniques.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Barnaby Jack, Ilja van Sprundel, Mike Davis and Michael Milvich—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

-###-