It’s 2021 and we still have “testers” printing vuln reports to submit to clients as their cloud pentest report! There are numerous findings that go untouched in these cloud environments. In this presentation TJ will cover some key components that pentesters miss when they are assessing AWS cloud environments and explain the importance of manually testing these cloud environments.

When we see #OSINT or #GEOINT challenges on Twitter it's very easy to assume correct results are magic, they certainly feel that way. In 30 minutes I'm going to try and dissect the sleight of hand to provide you with a strategy for your next investigation.

Cybersecurity vendors routinely describe themselves as ‘cyber defenders’ engaged in ‘hand to hand combat’ with criminals and threats. Our industry is suffused with military terminology, impenetrable acronyms, fantasy references, and apocalyptic imagery. It’s time we considered the impact of that on the public we’re trying to protect, and the people we want to attract into the workforce. Bec and Vic poke a friendly stick at cybersecurity’s image, and ask whether we might be able to do things differently….and more inclusively

A beginners guide to data recovery, covering some light technical information on how data is stored, and a practical look at Autopsy and file carving as a data extraction method

Stu speaks to Child's Play about some of the work they do, and learns more about the cause we are supporting for this con.

Industrial Control Systems (ICS) security has historically relied on network segmentation and segregation, in order to separate process control from vulnerable internet-facing networks using hierarchical zones separated by firewalls. Industry 4.0 and Industrial Internet of Things (IIoT) rely on 'smart' control devices connecting directly to cloud networks, bypassing the logical hierarchy of reference architectures such as the Purdue Enterprise Reference Architecture. This talk will firstly deliver an overview of the necessity for security in ICS, looking at historic vulnerabilities and risks, which secure reference architectures aim to mitigate. I will also provide an introduction to the Purdue Model, explaining its history and significance to ICS implementations across various sectors. I will then examine the limitations in current ICS security standards in the context of Industry 4.0, and explore new solutions which address these issues, while also discussing their shortcomings. I will finally discuss the relevance of the Purdue Model going forward and attempt to identify areas in which it could be modified to better suit IIoT networks. It is hoped that this talk will provide ICS novices with a solid understanding of the security issues which face these systems, and that more experienced attendees will expand their knowledge of secure control system architectures, particularly those that involve newer technologies.

Talk from our closing Keynote to be announced soon

It’s 2021 and we still have “testers” printing vuln reports to submit to clients as their cloud pentest report! There are numerous findings that go untouched in these cloud environments. In this presentation TJ will cover some key components that pentesters miss when they are assessing AWS cloud environments and explain the importance of manually testing these cloud environments.

After Roelof Temmingh completed his degree in electronic engineering he worked as a software developer and later as system architect at company that made encryption devices for the South African government. After 4 years he left the company (with @charlvdwalt) to start SensePost from his bedroom. For 7 years he hacked many networks, wrote many books, and spoke at all the conferences. He left the company in 2007 to start Paterva – the company that brought Maltego to the world. Roelof was the inventor and driving force behind Maltego for the first 10 years. Here he made many graphs, spoke at the remaining conferences, and trained many people. When he left Paterva he pondered, painted (bad.rip), made a short film (fliptheverse.com), and baked for a bit before starting a new venture called Vortimo, software that enhances the browsing experience (for investigators, researchers).

The presentation will demonstrate how an attacker can use Discord and Slack's APIs in order to establish a reverse shell connection. By doing so, the attacker can easily guise their traffic under Discord or Slack's traffic, staying undetected.

Erick Blandin, Program Director of Child’s Play to talk about our network hospitals & Gaming Technology Specialists

Following a long career in developing software, I switched careers into infosec and started building an appsec program at a Somewhat Large Company with many dev teams and products. In my talk I'm sharing my experience and insights of how I started building an appsec program from scratch and how I realized how few of the challenges involved are purely technical (surprising to an engineer!). I'm also presenting some tools and metrics I've built to support our appsec program which I'm releasing as open source.

Talking through examples of weaponised narratives, whether deliberately or accidentally, and how they can be understood from a game design lens. From the 5G-conspiracy-motivated arson attacks, to QAnon, to committing treason we've seen repeated instances where mis- and disinformation are used opportunistically, or in a planned way, to cause harm. Looking at this from a game design lens helps us understand the construction and evolution of these narratives, and maybe be ready for the next wave of them.

Protecting your organization requires vigilance and skills combined with effective controls and detections, just having a SOC is not enough. SOCs vary in size, scope and staffing across various industries, outsourced and in-house, they exist to monitor, detect, and respond to evolving threats. Guarding against failures in the security architecture is not just about selecting the right tools and suppliers, it requires constant validation of your people processes and technology.