BSides Birmingham 2023
The Digital Architects of Tomorrow: The Crucial Role of High School Graduates in Information Technology - High school and college kids are a demographic that has amazing raw talent that we will lose if we don't engage them.
CTF Village
If security is such an absolute requirement, and if AWS makes it so easy to build secure systems, why don't all companies build secure systems? What is it about companies, and the lifecycle stage they are in, that makes one company choose one architecture over another? What are the trade-offs associated with architectures on the cloud? When you build a secure system, what would you have to give up in return? This talk will discuss the various architectural tools and patterns that you could follow on AWS while building a secure, scalable system.
Recruiters from APT will conduct mock interviews and review resumes
Rootkits, malware embedded in the kernel, and bootkits, malware embedded in the pre-boot environment, are an interesting but extremely dangerous set of malware classes that are on the rise. In this talk, we will look into why these kinds of malware are becoming more popular, what damage can be done in the privilege context they execute in, and what kinds of mitigations exist to prevent system damage.
Join us at our Incident Tabletop Village! Dive deep into real-world security scenarios with "Backdoors and Breaches" by Black Hills Information Security.
The majority of smart home solutions begin with downloading a mobile app to manage the smart home products. The mobile apps controlling the smart homes may provide convenience to quickly manage the security camera, garage door, house alarm, etc. However, do they hold up against modern malicious actors?
The speakers will discuss the challenges and solutions of deploying monitoring, detection, response, containment, and notification for commercial and government ships, including recent deployments that achieved governmental Authority to Operate (ATO). We will cover the handling of OT systems, including policies and procedures for governmental ATO.
In the ever-evolving landscape of cybersecurity, the hunt for malicious actors and their infrastructure is a relentless pursuit. In our experience, most known-bad infrastructure is derived from endpoint or firewall alerts, and reported either during or after an attack. This presentation delves into the fascinating world of proactively scanning the internet to uncover malware Command and Control (C2) servers. We will shed light on the "why," "how," and the invaluable results achieved through these endeavors.
Cobalt Strike is the go-to C2 framework for security professionals and cyber criminals. Cobalt Strike's popularity has come at a cost to red teamers. It has become heavily signatured and requires a lot of customization to bypass a competent blue team.
The current model for traditional penetration testing is broken. Find out the difference between red and purple teams, assumed breach testing, and how to choose the right test to maximize impact.
There's no denying that we'll continue to face security breaches reminiscent of those affecting SolarWinds, Log4j, and Kaseya, and vulnerabilities in open-source components like Apache Struts and OpenSSL. Software supply chain threats are now an established part of the tech landscape, encompassing both deliberate attacks and unforeseen accidents. The real puzzle here is how IT leaders can stay proactive in addressing these threats. How can CIOs empower their development teams without inadvertently introducing new security flaws? How can they mend critical code issues in systems the organization might not even know exist, all while ensuring a harmonious balance between security and productivity?
In this talk, I give an overview of different cloud misconfigurations that have led to a variety of breaches. I also discuss different remediation steps corresponding to each misconfiguration.