Everyone from experts to vendors to talking heads espouse the benefits of threat intelligence. It’s spoken of as a nebulous panacea that only a select few can dole out like ambrosia, and it is beyond the mere ken of the average security professional. This talk is going to cover the basics: what is threat intelligence, how to discern wheat from chaff, where you can find it, how you can use it, and where you can learn more about it.
Presentations for Red Team
Eric Escobar will be presenting on wireless hacking concepts and will go into details on the CypherCon 2.0 wireless capture the flag!
A surprising amount of information can be intercepted by listening to raw WiFi signals. WiFi devices are continuously broadcasting information that can be use to track people’s movements and even to infer things like when security cameras have detected motion. And this data can be intercepted from blocks away, without even being connected to any WiFi network.
Come learn about some of the techniques that are almost certainly already being used by governments and corporations to track us all, and what can be done to help prevent it.
Every two years almost seventy major candidates vie for Senate seats across the United States. Many of the candidates have or will soon have a major impact on policy and spending, and their campaign web sites are visited by millions of voters and other interested parties. 2016 has been the year of the political cyberattack, with hacked emails, phishing, insecure servers and even whispers of foreign penetration in the news.
Despite this backdrop, the cybersecurity of US Senate senatorial campaigns leaves much to be desired. On the eve of the 2016 election, Cybertical employed a new tool to scan the sites of 67 major candidates and found unpatched vulnerabilities, administrative usernames and public entry points on many of them. To help communicate which candidates’ sites were better or worse than others, every site scanned was awarded a “grade point average” (GPA) and a letter grade from A to F.
This presentation demonstrates the newly released tool, how it was used to get these results, and how the scoring process worked (and could be repeated across time to track improvement). Several Wisconsin and Milwaukee-area political sites will also be scanned and graded live.
*THIS PRESENTATION WILL NOT BE RECORDED*
As pentesters, we are often in need of working around security controls. In this talk, we will reveal ways that we bypass in-line network defenses, spam filters (in line and cloud based), as well as current endpoint solutions. Some techniques are old, some are new, but all work in helping to get a foothold established. This talk will not be recorded. Defenders: might want to come to this one. 🙂