Event Series Conference

Empowering the Cybersecurity Workforce: A Practical Guide to Effective Networking and Mentorship – Gerald Auger and James McQuiggan

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

The ever-evolving landscape of cybersecurity threats demands a constant flow of new ideas, collaboration, and knowledge sharing. Professionals should consider the pivotal role that networking communities and mentorship play in fostering a resilient cybersecurity ecosystem.

What the Hack is Going on? An Offensive Look at Modern Breaches – Tim Medin

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

Join this presentation for a comprehensive overview of modern cybersecurity threats and how breaches occur. We will highlight the various methods used by cybercriminals, including phishing, social engineering, and ransomware attacks, and emphasize the importance of identifying and addressing vulnerabilities before they can be exploited. There are a lot of vulnerabilities in the wild, and IT administrators and security professionals often focus on the wrong issues because they are easier to monitor or measure. By the end of the presentation, you will have gained valuable insights into the latest cybersecurity threats and how to protect against them.

DevSecOps for Red Team Initial Access Operations – Joff Thyer

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

This presentation describes some of the challenges of malware development for Red Team initial access operations, and how continuous integration/continuous development (CICD) pipelines can be employed to assist in solving the challenges. The presentation will start by introducing some of the known techniques employed by modern endpoint defense software, and then describe how a CICD approach can be used to enable unique malware artifact production for bypass and initial access operational success. It is hoped that this presentation will stimulate ideas and discussion surrounding both source code obfuscation and related dynamically triggered child pipeline utilization.

Hacking the Incident Response Team – Gerard Johansen

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

Incident Response teams need to be more capable in responding to attacks than ever before. Threat actors are continually updating their TTPs and their ability to rapidly traverse target networks. A significant challenge IR teams face is the lack of opportunities to leverage their tools and processes on a routine basis. Annual technical training or the organization-wide Tabletop Exercise (TTX) is insufficient in preparing IR teams to address the challenges. What is needed is actual practice against a live threat actor.

The Truth is Out There: Solving the Mysteries of Lateral Movement Paths by Feeding Logs to the Hound – Olaf Hartong

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

Introducing FalconHound, a toolkit that integrates with Microsoft Sentinel, Defender for Endpoint, the Azure Graph API, Neo4j and the BloodHound API to get the most out of your data. Some of its features allow it to track sessions, changes to the environment, alerts, and incidents on your entities and much, much more. All in near-real time!

The Rise of Large Language Models: Implications for Disinformation and the Future of Work – Heather Lawrence

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

This presentation will provide an overview of LLMs, including their strengths and limitations, and discuss how they are being used in disinformation campaigns. Additionally, the presentation will examine the potential impact of LLMs on the future of work, particularly in the field of computer security, and highlight the need for new strategies to deal with the increasing sophistication of LLM-generated attacks. The talk will conclude by discussing the ethical and social implications of LLMs, particularly in relation to job displacement and data privacy.

That Shouldn’t Have Worked – An Intro to Evading AV/EDR – Corey Overstreet

DMG: Track 1 1906 Deadwood Mountain Drive, Deadwood

Endpoint protections are getting better every day. Attackers are having to change their tactics more and more to achieve execution which, in turn, makes it harder for red teams to emulate their attacks. In this talk, Corey Overstreet will be covering initial common methods used to get payloads around AV/EDR and application allow-listing.