So you have a firewall, AV, IDS, patch management and more. Nobody is getting in. Somehow Fake-AV and malware still rear their ugly heads from time to time, but things feel pretty safe. Others in this same situation are still making the news. This talk will look at how a single foothold can lead to the opening story on the evening news. We will look at how a motivated attacker can compromise a patched Windows box, escalate privileges on a domain, and get to the data. As each demonstration shows the techniques, we’ll talk about mitigation strategies and what steps you can take to avoid being a headline.