“I Got an Alert, Now What?” is an informative talk by Kellon Benson, Senior Incident Handler at Red Canary, where he guides the audience through the process of swiftly assessing new security alerts and determining their threat potential. Using live data from Emotet and CarbonBlack’s EDR, Kellon demonstrates practical investigation techniques, highlighting the significance of asking pertinent questions to make informed decisions.
“Why Developers Hate Infosec” explores the often tense relationship between developers and cybersecurity professionals. The talk addresses the reasons behind this friction, pointing out that security experts often break developers’ work and provide unhelpful, cryptic guidelines without clear solutions. To improve this dynamic, the speaker emphasizes the need for a change in attitudes and behaviors within the cybersecurity community, acknowledging their contribution to the problem.
Ken “s1ngular1ty” Pyle explores the world of exploiting Cross-Site Scripting (XSS) vulnerabilities on Layer 2 devices like routers and switches. He demonstrates how seemingly innocent XSS or unsanitized input vectors can be transformed into covert network protocols, enabling routing and file transfer between isolated, air-gapped networks without the need for a router.
Alyssa Miller emphasizes the power of embracing one’s hacker identity, showcasing how the same attack techniques used to uncover flaws in technology can be applied to challenge and influence corporate leaders positively. Her advocacy for helping others pursue careers in hacking and cybersecurity and her dedication to open sharing of ideas and perspectives make her a respected figure in the industry.
Riverside is an open-source network visualization tool designed to provide real-time network graph representations of live traffic between internal and external hosts. By capturing netflow and packet information in a database, users can analyze past network activities, enhancing situational awareness and gaining comprehensive insights into their network security posture.
Michael Mimo, the Chief Security Officer/Senior Director of Information Technology at Copyright Clearance Center, warns against equating compliance controls with robust security solutions.
In this video presentation, Rick Davis, a Senior Customer Engineer at Microsoft specializing in Cybersecurity, addresses the recent challenges and vulnerabilities affecting Public Key Infrastructure (PKI) and certificates. The talk delves into critical issues impacting both internal PKIs and public certificates, shedding light on their significance within the broader Active Directory ecosystem. Throughout the session, Rick classifies and rates the severity of these issues while offering insights into possible mitigations, defense strategies, monitoring, and alerting measures.
Brian Halbach presents a captivating talk at WWHF Deadwood 2022, focusing on the enduring effectiveness of older techniques in penetrating networks. As a seasoned pentester who has observed actual attackers, Brian highlights that simplicity can often yield impressive results in accessing a network. While newer exploits garner attention, he emphasizes the value of revisiting and understanding older attack methods that still find weak points in an organization’s defenses.
In “Wireless Attack Killchain for N00bs,” presented by Dennis Pelton at WWHF Deadwood 2022, the audience explores the security risks of ubiquitous Wi-Fi networks and gains insights into Wi-Fi hacking techniques.
Jason Downey shares his whirlwind experiences from his first year as a Penetration Tester. The talk is aimed at newer pentesters or those aspiring to enter the field, offering valuable insights that would have made his transition smoother and quicker. Jason candidly discusses the challenges he faced, the knowledge he gained, and the moments of self-doubt he encountered while hacking and learning at a rapid pace. He presents six crucial aspects that every pentester should know and offers tips to stand out to potential hiring managers.