Monitoring events will always be a big challenge for defensive teams. Now, with the increasing adoption of cloud by enterprises, new data sources are needed to monitor these services and detect security incidents. In the AWS Cloud ecosystem, the primary source of visibility of the control plane activities is called CloudTrail. Leveraging CloudTrail allows you […]
Read moreNo, this is not a talk about the Beverly Hills Police Department. It is about a new tool that I built based on a methodology I developed for Destroying Active Directory Attack Paths found by BloodHound. This talk will cover the methodology and the various options that the script provides. All the features are aimed […]
Read moreRemote Desktop Protocol (RDP) is the de facto protocol to remotely access Windows systems. Two years ago, we released PyRDP, a free and open-source RDP Monster-In-The-Middle (MITM) tool to tangibly demonstrate some of RDP’s common misconfigurations and associated risks. Since then, more RDP servers are exposed online and Microsoft’s RDP implementation has been the target […]
Read moreStatistics are speaking loudly! There is a disconnection between defenders’ perceptions of the value of the security controls they implement, and the most common attack vectors leveraged by penetration testers acting as potential attackers. This presentation highlights the key results of a two-year-long research study aimed at understanding this disconnection. The perceptions and practices of […]
Read moreIntuition, acquired through years of experience, is what sets experts apart from novices. Intuition is the ability to look at a large amount of information, quickly spot interesting items, and dismiss the rest. In the case of security audits, intrusion testers typically face hundreds, or even thousands, of assets early in an engagement. Their ability […]
Read moreWhether you do Pentesting or Bug Bounty Hunting, Recon is an important phase for expanding your scope. However, not everyone does that as they are busy filling forms with random payloads. Effective Recon can often give you access to assets/boxes that are less commonly found by regular Pentesters or Bug Hunters. More assets mean more […]
Read moreAbuse Operations, theft of services, and violation of acceptable usage does not get the spotlight it deserves because ultimately, the systems in question are “working as designed”. It is within these “cracks” that the abusers, the malicious users, and outright criminals operate their tools, campaigns, and other questionable interests. We will highlight how they are […]
Read moreMost security experts would agree that password-based authentication is dead. The FIDO2 standard aims to replace passwords entirely and there is a good deal of chance that it will succeed. It has gained significant momentum in the past year, as key players like Microsoft, Apple, Google, and Mozilla started to jump on board. This talk […]
Read moreWhen we see the terms Natural Language Processing (NLP) or Machine Learning (ML), often, our guts are correct, and it is vendor marketing material, frequently containing FUD. After tinkering with various libraries in Python and R with the use of some OSINT and SOCMINT techniques, I have found a use for NLP and ML that […]
Read moreHow are passwords stored in Microsoft’s Active Directory and how can they be audited? What could an adversary do if they gained access to either a physical or a virtual hard drive of a domain controller? In what ways could one directly modify an Active Directory database file and how can such unauthorized changes be […]
Read moreRansomware attacks are prevalent. The actions taken by a company immediately after a ransomware attack can have major implications on their ability to restore operations. This talk will clearly explain which actions should be taken, and which actions might unintentionally cause an organization much more trouble. This talk will go through a series of Do’s […]
Read moreOne of the core purposes of cybersecurity is to protect data gathered by an organization. Numerous countries around the world have enacted statutes to force organizations to protect their users’ data. Although organizations are making efforts to comply with regulations and implementing revolutionary cybersecurity products into their operations, we continue to see breaches of businesses […]
Read moreThis talk showcases lessons learned from firsthand experience implementing everything from power transmission systems, smart meters, first responder radio systems, voting and election software to building automation (doors, HVAC, etc). We are increasingly asked to believe “that’s not IT” for a variety of reasons. This talk covers all the reasons, lies and how to deescalate […]
Read more