Social engineering plays a role in almost every breach. In this deep dive into social engineering techniques, security experts Alexander, Hanna and Erik will share their experience from investigations and red team assignments. This talk covers the latest phishing techniques, CEO scams, physical intrusions, vishing and many other social engineering vectors.
Speakers: Alexander Andersson / Erik Wilhelmsson / Hanna Ljung
This session will focus on how to secure the modern Windows 10 desktop through both on-premise and cloud delivered management solutions. Security features including BitLocker, Exploit Guard, AppLocker, Defender ATP and more will be demonstrated. Real world scenarios will also be shared where implementing these technologies can prevent your enterprise being the victim of a security based attack.
In this session, we go through how to carry out risk analysis in a so-called impact assessment, a requirement that came with GDPR for all treatments that pose a high risk to the data subject’s rights and freedoms. We present a suitable model for assessing the seriousness of a personal data incident in order to assess whether it must be reported to the data subjects, and what is actually a personal data incident. In order to then protect the data correctly, they need to be classified in order to be properly protected – the session reviews how unstructured data can be classified and protected.
A vulnerable web application could result in major reputational and financial losses, and it is often the entry point that hackers use to compromise entire organizations. This demo-oriented talk will cover advanced topics such as exploitation of second-order flaws and insecure de-serialization exploitation. The talk also features vulnerability identification methodology with a discussion of how to best combine manual and automated tests
During software development you are often faced with different architectural choices. These choices can affect the security of your application in different ways. Join us in a journey along different scenarios and security considerations.
One of the major challenges for the penetration tester is to understand the systems being tested. One of the major challenges for the customer is to get real value for money. We provide this value by working continuously with our customers over longer periods of time. We deliver results directly into our customers’ existing workflows, only writing reports when explicitly requested to do so. In this session I will describe how this has been implemented at one of our customers.
A stolen computer, a phished account, a weak password, a badly configured service, a vulnerable application or an unattended computer at the reception desk. Just a few examples of the many possibilities to get access to an internal network.
What happens when the attackers are in the network? What tools do they use? What are they after? How visible are they?
In this session we will show the attack methodology, lateral movement techniques and tools for internal network dominance. We will also look at ways we can make the attackers’ life more difficult and force them to be noisy.
Join Björn and David on stage to get an insight into current cyber criminal activities, and the tools and methods to detect, mitigate and investigate their crimes.
With both Cyber crime and real-world crime the main objective is generally to steal assets. But while most crimes performed in the real world will be detected and investigated, the same does not hold true in the Cyberworld without proper preparations.
Recent studies of Cybercrime economy have estimated a world-wide annual revenue of $1.5 trillion during 2018. How much did they steal from Your organization? Do You have the tools to know?
You get a call from a colleague in the middle of the night. He asks if you just used your admin account to access a domain controller. What started as an unpleasant dream turns into a nightmare when you realize that your admin account was used for days giving somebody access to everything.
What do you do when you realize your environment has been compromised? In a situation with panicking managers, data that could be leaked any second, servers and accounts to be checked, data to be protected and an attacker to be kicked out, but no idea where to start.
Based on the many incident responses we have conducted and anonymized results of real investigations, this session will guide you through the process of performing a thorough incident response. We will discuss the typical challenges we face, how you can prepare the environment to facilitate a properly structured response, and the difficult choices that sometimes need to be taken.
Most of the enterprises worldwide are at great risks due to lack of identity-based segmentation and problematic exposure of high and important privileges. Using real-life examples we show how and what to consider when building and identity segmentation model and how that will put effective measures against cyber attacks lateral movement. We will demonstrate different cases and scenarios based on real-life challenges we encounter when designing and building Privilege Access Workstations PAW’s as well as how to build a working tire model and harden your domain to protect your identities and infrastructure.