Dr. Russ is just a dude, playing a dude, disguised as another dude. He’s working in both private and public sector roles for the last two plus decades and has some observations about why we keep hearing the same songs over and over. When not janking on tech, he’s busy working on a mountain where he is slowly terraforming the land into a nerdy getaway.
Talk Title: KEYNOTE
“Why does it keep hurting wherever I poke myself?” asked the patient.
The doctor, sullen and saddened after decades of experience, muttered under his breath “ethics.” We will have a moment of reflection about what a potential common denominator for many of the security bumps and boops in the night and discuss the challenges around ethics.
Track 1 Talks
Will Baggett has a background in the U.S. Intelligence Community and also in NATO SOF as a cyber instructor His experience in the Intelligence Community provided a foundation for Insider Threat, Digital Forensics, and Cyber Intelligence consulting to pharmaceutical, financial, and technical entities. He is a graduate of Georgia Tech, holds multiple digital forensic certifications as well as that of a Certified Fraud Examiner and has appeared on several news broadcasts discussing cybersecurity issues. Will is also the Director of Digital Forensic services for Operation Safe Escape, a volunteer-run non-profit assisting domestic abuse victims as they begin new lives.
Talk Title: Processing Conti Leaks thru Carver Analysis
In 2022, the Conti ransomware group’s inner chat room discussions were leaked by a dissenting member of the group due to the Russian invasion of Ukraine. As a former intelligence officer of 20 years, I applied the CARVER vulnerability assessment model to the leaked data to rapidly assess the potential risk posed to my large financial firm’s enterprise model. This talk will share the methodology applied and the steps taken to maximize the intelligence value of this rare event. While preparing for the upcoming talk at BSides Charlotte, my team used this methodology to process the Clop/MoveIT and MGM data breaches.
Nick Newell, as Rival IT’s Founder, embodies a forward-thinking approach. Rival IT goes beyond being just an MSP; its mission is to seamlessly integrate information technology, operational finesse, and scalable cybersecurity solutions. Under Nick’s direction, Rival IT has emerged as a pioneer in integrated IT operations.
Beyond Rival IT, Nick assumes the role of a Business Operations Coach at Pax8, a globally recognized technology solutions provider. With an entrepreneurial mindset, Nick strategizes for Pax8’s Global Operations Team, Leveraging a diverse blend of problem-solving acumen and consulting expertise.
Talk Title: From Zero to Cyber Hero: How AI, Soft Skills, and Grit Catapult Your Tech Career
Tech Meets Strategy: Discover how cybersecurity fuels business success, turning YOU into the driving force behind innovation.
Master Situational Awareness: Identify blind spots, automate solutions, and scale impact while staying steps ahead of threats.
Take Charge of Results: Break boundaries, seize opportunities, and communicate like a pro, all while documenting your journey.
Be an Owner, Not a Renter: Embrace responsibility, mentorship, and leadership as you climb, elevating others along the way.
Engineer or Manager? Solve problems like a tech pro, manage like a visionary – both pathways lead to triumph.
Promote Yourself: Learn the art of pre-promotion mastery, making yourself indispensable and ready for the next level.
Ready to supercharge your cybersecurity journey? Join us to forge your own success story!
Chris works as a Security Engineer with Triaxiom Security – now a part of Strata Information Group – where he conducts pentests and social engineering assessments for clients of all sizes and industries. With deep corporate experience, Chris understands the kinds of risks that organizations face and how to help them stay secure from both a technical and non-technical perspective. He is an advocate for personal privacy and volunteers his time in the community with non-profit organizations, helping them understand how to stay cyber safe. https://www.linkedin.com/in/chrismhorner/
Talk Title: The Oldest Trick in the Book is Still the Best Trick in the Book
Social engineering attacks continue to make headlines - but why does this keep happening and why are these attacks so devastating? This presentation will discuss the psychology in use behind these attacks, how we as security practitioners can go beyond the obvious phishing email test and give our clients high quality assessments, and discuss ways to defend ourselves, our families, and our organizations against social engineering attacks.
Roland Blandon is a penetration tester from Packet Ninjas with over 3 years of experience in Red Team Attacks and other kinds of offensive operations. After graduating early with a Master of Science in Cyber Security from Florida International University, he landed a role as a junior pentester and has continued to love exploring his passion every day.
Talk Title: Utilizing OpenAI/ChatGPT in Red Team Attacks
Using ChatGPT/OpenAI for exploit development, source code review, and basic vulnerability assessment. We’ll review different cases where I’ve been able to use ChatGPT/OpenAI for these tasks successfully in various real world engagements and learn both how to use this technology for these purposes and its viability as well.
Lev is our youngest speaker yet, he loves hardware hacking and has always been passionate about cybersecurity. Conveniently, those two fell hand in hand in his presentation of an ESP 8266 based Wi-Fi De-auther.
Talk Title: Microcontrollers, Deauthentication, and AI
What deauther’s are, process of creating one and LLM’s role in this, how to detect them, and how to defend against them using AI. Lastly a pop quiz with winners getting one of 3 ESP8266 boards used for the deauther.
Brian Hutchins is the technical product manager for the data science team at a startup called Nightfall AI. He lives in San Diego with his 3 kids and a cat. His middle child is an aspiring whitehat hacker who would love to be here with us today. Brian loves data and telling stories with data. Today, Brian will use examples and data to explain a few data science concepts and show us how AI can be used to successfully prevent data sprawl and leakage in GenAI and SaaS applications.
Talk Title: Securing the Fort: Hardening Defenses Against the Generative AI Data Threat
This presentation issues an urgent call to action as generative AI introduces unprecedented risks of IP and customer data exposure. With employees directly querying AI systems like ChatGPT and adopting SaaS tools powered by generative models, existing data protection measures are profoundly inadequate.
Track 2 Talks
Talk Title: Pen-testing open source databases (MySQL and PostgreSQL)
I will show a number of “weak spots” when dealing with open source relational databases (MySQL and PostgreSQL) and how to protect from them.
In the neon-lit landscape of the digital realm, Jon “Dawn” and Ed “SavvyJuan” are not your usual cybersecurity experts. Together, they dance a dangerous tango on the binary battlefield, sometimes as attackers and at other times, defenders. Their mastery over the virtual world allows them to switch roles seamlessly in complex scenarios. With every engagement, the distinctions between the red and the blue become increasingly blurry.
Talk Title: Obfuscation in Plain Sight
The discussion on “plain sight obfuscation” focuses on disguising harmful scripts within regular traffic to potentially mislead an analyst who might initially detect the alert.
After a decade in IT, Matt took an unexpected turn in his career when he stumbled into the captivating world of application security. Now a security engineer in a large cybersecurity organization, Matt works alongside a dynamic team developing generative AI solutions. He hopes the lessons he’s learned over the past six months might help other teams looking to build with LLMs!
Talk Title: AppSec & LLMs
AI is everywhere now, including software development. As an application security professional, how do you ensure safe development practices when utilizing Large Language Models (LLMs)? Here are some things to think about when building new AI solutions. Quick tip: check out the OWASP Top 10 for LLMs.
Peter Ukhanov is a Senior Consultant with the Google Public Sector (Mandiant) IR team. Prior to joining Mandiant, Peter worked at Dragos focusing on OT/ICS environments. He started his career in incident response and digital forensics in 2014 a the Defense Information Systems Agency, spending almost 7 years supporting various Department of Defense entities.
Talk Title: Press F to MOVEit | A quest to discover how a web shell appeared
Another year, another file transfer solution getting compromised by a zero day exploit. In this talk, we will explore how Mandiant investigated incidents associated with the MOVEit Transfer exploitation this summer and deep dive into the process that was used to discover how a web shell ended up being deployed in the application. We’ll wrap it up by exploring some basic steps that can be taken to protect public facing applications.
Trevon is a security enthusiast who enjoys sharing and learning about new things.
Talk Title: Next Generation Solutions for Modern Network Attacks
Network attacks are becoming increasingly sophisticated and costly, but there is hope. In this talk, we will explore cutting-edge network attacks and how researchers are proposing cost-effective methods for defense. We will also discuss the direction of next-generation software that can help to protect our networks from future threats.
Jessa Gegax is an Information Security Testing Analyst in Minneapolis, MN. Jessa holds an undergraduate degree in Computer Science and minor in Environment and Natural Resources with research interests in offensive cloud security, IoT devices, and web application/API penetration testing. In their free time, Jessa likes to go backpacking, practice yoga, and spend time with their dog (in no particular order).
Talk Title: Abusing Microsoft Teams Security Misconfigurations for Webhook Hijacking and Other Shenanigans
This talk explores how to find and abuse misconfigurations within the Microsoft Teams business communication platform for webhook hijacking and other shenanigans to test both best security practices and general employee awareness at your organization. It provides a real-world scenario of how these hooks can be stolen to conduct complex social engineering attacks to compromise corporate credentials and expose other valuable business information. It offers solutions for detection and prevention for these elevated attacks that relate to all departments outside of your security team. At the end of this discussion, you will walk away with better awareness of the vulnerabilities existing in these popular communication clients, and how they can be discovered, remediated, then prevented. You may even find a new direction to your company’s next annual phishing test!
Jennifer Traband has been a technology professional for the past 28 years; including 18 years as a Project Manager. She has worked Fortune 500 companies in technology, telecommunications, and financial industries. In her current role, she provides the administration and coordination backbone for a Red Team of a financial institution.
Talk Title: Wrangling Cats: How We Coordinate Red Team Testing
Cybersecurity testing can be a challenging endeavor for an organization and managing this effort can add an additional layer of complexity due to the collaboration and administration that is required. Having a dedicated resource that can provide this level of coordination for an organization’s Red Team is vital to ongoing success, freeing them to do the research. During this presentation we will explore an end-to-end process that can be utilized to coordinate Red Team testing, how we leverage Jira to enhance the organization of assessments, and connecting with our business partners for solution engineering.
The coordination of Red Team assessments includes the initial onboarding of the request, prioritization, scoping, resource allocation, training, account provisioning, removing obstacles, and tracking and communicating status is involved throughout the duration of the engagement. By sharing an end-to-end process that a dedicated resource can use to coordinate an organization’s Red Team, the attendees of this conference will be provided with the knowledge and tools that they can adopt in their companies to enhance their Red Team.