<?xml version='1.0' encoding='utf-8' ?>
<iCalendar xmlns:pentabarf='http://pentabarf.org' xmlns:xCal='urn:ietf:params:xml:ns:xcal'>
    <vcalendar>
        <version>2.0</version>
        <prodid>-//Pentabarf//Schedule//EN</prodid>
        <x-wr-caldesc></x-wr-caldesc>
        <x-wr-calname></x-wr-calname>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RDFGC8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RDFGC8</pentabarf:event-slug>
            <pentabarf:title>Opening Speeches + Keynote</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T090000</dtstart>
            <dtend>20240427T093000</dtend>
            <duration>003000</duration>
            <summary>Opening Speeches + Keynote</summary>
            <description>Keynote Speaker</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/RDFGC8/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Craig Jones, Clare Johnson + Stuart Criddle</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ANY9VY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ANY9VY</pentabarf:event-slug>
            <pentabarf:title>Home Renewables Security Or: How I forgot to RTFM and got Pwned by my 12 year old</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T093000</dtstart>
            <dtend>20240427T100000</dtend>
            <duration>003000</duration>
            <summary>Home Renewables Security Or: How I forgot to RTFM and got Pwned by my 12 year old</summary>
            <description>Adoption of home technologies to help reduce CO2 emissions and energy costs is on the rise as more and more people engage with the green revolution, whether it&#8217;s solar panels and battery technology, Electric Vehicles (EV) and their chargers, or smart home heating for both conventional fossil fuel heating and electric heating such as heat pumps. 

All of these technologies are built on electronics and software, are networked and often include cloud management capabilities, and are often physically located outside of the home. 

This talk will explore the threat model for home renewable technology with real world examples of vulnerabilities.  It will also explore what manufacturers should be doing to support their customers to maintain the security of home renewable technologies. 

The presentation will conclude with the story of how my 12 year old took advantage of poor default security settings on a solar inverter.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/ANY9VY/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Jon Renshaw</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8SYSTT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8SYSTT</pentabarf:event-slug>
            <pentabarf:title>Hurr Durr, He Wrote: That awesome time I trolled the stupidest scammer in the world</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T100500</dtstart>
            <dtend>20240427T105000</dtend>
            <duration>004500</duration>
            <summary>Hurr Durr, He Wrote: That awesome time I trolled the stupidest scammer in the world</summary>
            <description>See abstract.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Long Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/8SYSTT/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Matt Wixey</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XWPKYS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XWPKYS</pentabarf:event-slug>
            <pentabarf:title>Everything online can be faked.  Here&apos;s how and here&apos;s how to spot it.</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T105500</dtstart>
            <dtend>20240427T112500</dtend>
            <duration>003000</duration>
            <summary>Everything online can be faked.  Here&apos;s how and here&apos;s how to spot it.</summary>
            <description>We discuss the ways everything online can be faked, from spoofing phone numbers to creating virtual webcams to using AI to create deepfaked voices, combined with animating an image to make it appear as if the person is talking.  Several of the ways will be shown using demonstrations.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/XWPKYS/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Wayne May</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NNLVEQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NNLVEQ</pentabarf:event-slug>
            <pentabarf:title>So you want to be a spy - reality is a slap in the face</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T113000</dtstart>
            <dtend>20240427T120000</dtend>
            <duration>003000</duration>
            <summary>So you want to be a spy - reality is a slap in the face</summary>
            <description>Our presentation delves into the complex world of intelligence gathering and analysis. It covers various types of intelligence, such as TECHINT (Technical Intelligence), SIGINT (Signals Intelligence), FININT (Financial Intelligence), RADINT (Radar Intelligence), OSINT (Open Source Intelligence), CYBINT/DNINT (Cyber/Digital Network Intelligence), IMINT/GEOINT (Imagery/Geospatial Intelligence), MASINT (Measurement and Signature Intelligence), and HUMINT (Human Intelligence). We will journey through All-Source Intelligence, highlighting the specific methodologies and technologies involved, as well as their applications in different contexts. The presentation showcases less known techniques as well as those popularised by Hollywood. We also explore the integration of diverse intelligence types in modern practices and tradecraft as well as the evolution and current trends in intelligence gathering and analysis.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/NNLVEQ/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Tony Gee</attendee>
            
            <attendee>Hugo Page-Turner</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WCFQVU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WCFQVU</pentabarf:event-slug>
            <pentabarf:title>Admiral Community CTF</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T120500</dtstart>
            <dtend>20240427T125000</dtend>
            <duration>004500</duration>
            <summary>Admiral Community CTF</summary>
            <description>Admiral CTF which will be accessible via phone and open to all.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Long Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/WCFQVU/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JCDCGE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JCDCGE</pentabarf:event-slug>
            <pentabarf:title>I Don&apos;t Care about Domain Admin</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T133000</dtstart>
            <dtend>20240427T140000</dtend>
            <duration>003000</duration>
            <summary>I Don&apos;t Care about Domain Admin</summary>
            <description>Presentation outline
1)	Common pentesting goals
In the opening of the talk, we discuss that a common goal for clients engaging pentesters is the identification of vulnerabilities, and that testers have their own goals of being able to break all security, achieve a data breach and escalate privileges (Domain Admin FTW)
2)	Traditional vs Modern penetration testing
This section talks about how clients are starting to see that security needs to be thought of as a big picture issue and that testing very small areas of a network or single applications doesn&#8217;t realistically improve security.  Modern testing is moving toward continual vulnerability assessments and more scenario/red team style testing.  However, testers still want to get to DA and prove their skills
3)	Real world incidents that didn&#8217;t follow traditional playbooks
A review of the Alphv/BlackCat attack against MeridianLink and how they posted a picture of themselves reporting MeridianLink to the USA SEC in an attempt to get them to pay a ransom
4)	GDPR
A review of the types of data that are deemed valuable in the EU (PII) and how companies have been hit with fines after data breaches
5)	Weaponising GDPR for the greater good
A discussion on how in 2024 cyber security is still not where it should be and that perhaps if we embrace non-technical ramifications of an attack we can convince clients to take action.  Discussing how some clients have little idea what the impact of a whoami command showing system access is, but can definitely understand comments such as &#8220;the last company that had this much data exposed in a breach paid &#163;X millions in fines&#8221;
6)	How to find the flaws
The release of a new tool, FileFinder, that searches a network for file sharing locations and points pentesters to areas of interest.
7)	How a single file doomed an organisation&#8217;s attempt at being secure
A case study of a real world penetration test in which an organisation that took data security seriously was doomed due to an NFS share hosting a file with an excessive amount of passwords on it.  It would have been significantly harder to break security without these credentials.
8)	Conclusion
Summing up how pentesters can still view technical exploits and network compromise as a fantastic goal to achieve. But that we can also add steps to highlight areas that can cause real impact to clients.

Attendee Takeaway
1)	Attendees will learn about pentesting concepts and how testers target networks
2)	Attendees will learn about how regulation impacts their clients and that 1 hacking group has already threatened to use this against their victims
3)	Attendees see a new tool that can be used to map files of interest across a network.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/JCDCGE/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Dan Cannon</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZXC9NE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZXC9NE</pentabarf:event-slug>
            <pentabarf:title>Out of the Frying Pan Into the Cloud: A Red Teamer&apos;s View of Your Cloud Estate</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T140500</dtstart>
            <dtend>20240427T143500</dtend>
            <duration>003000</duration>
            <summary>Out of the Frying Pan Into the Cloud: A Red Teamer&apos;s View of Your Cloud Estate</summary>
            <description>Initial Access: 
- Is password spraying back!? Max and his red team are leveraging intelligent password spraying and common gaps in MFA to breach orgs reliant on o365. This particular attack chain has recently been abused by Russian threat group Midnight Blizzard to compromise Microsoft themselves https://www.microsoft.com/en-us/security/blog/2024/01/25/midnight-blizzard-guidance-for-responders-on-nation-state-attack/
- The renaissance of web application compromise. Metadata services and rich cloud APIs have taken the impact of SSRF and RCE on app servers and functions to new levels. Gone are the days of popping a low-privileged service account, restricted to the webroot on a web server, in the DMZ...
- Users will always be a target...but out with the old (implants) and in with the new (post-MFA session tokens) 

Lateral Movement / Privilege Escalation:
- Every cloud environment we have red teamed to date has some level of overly privileged accounts, and it&apos;s not a surprise when IT administrators are now expected to understand the granular differences between 100s of different IAM roles 
- Targeting the right identities/service principals/etc is often easier and better opsec than going for superusers
- Generally speaking there are so many misconfigurations or abusable default configurations that there is less a focus on &apos;exploitation&apos; as there is on &apos;leveraging&apos; what is there. 
- Persistence is now about maintaining access to valid session tokens, not repeatedly executing an implant.

Data Mining / Actions on Objectives:
- Data mining is an absolute goldmine in the cloud, and Max and his team have abused this to skip massive chunks of the traditional cyber attack kill chain and cause catastrophic business impact
- Actions on objectives largely remain the same from on-prem to cloud red teams, but the means change dramatically.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/ZXC9NE/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Max Corbridge</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9N3LA7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9N3LA7</pentabarf:event-slug>
            <pentabarf:title>Navigating Cloud Frontiers: A War Story of Cloud Purple Teaming</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T144000</dtstart>
            <dtend>20240427T152500</dtend>
            <duration>004500</duration>
            <summary>Navigating Cloud Frontiers: A War Story of Cloud Purple Teaming</summary>
            <description>Attendees will gain actionable insights into the intricacies of Cloud Purple Teaming, from navigating the cloud landscape to mastering incident response in cloud environments. The war story format will provide tangible lessons applicable to diverse cloud security challenges.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Long Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/9N3LA7/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Hani Momeninia</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MC3RN9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MC3RN9</pentabarf:event-slug>
            <pentabarf:title>Ohhhh365 - How to (Quite) Reliably Hack into Microsoft 365, And What to Do Afterwards</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T153500</dtstart>
            <dtend>20240427T160500</dtend>
            <duration>003000</duration>
            <summary>Ohhhh365 - How to (Quite) Reliably Hack into Microsoft 365, And What to Do Afterwards</summary>
            <description>## Introduction

M365 accounts have never been *mere* email inboxes; they are the linchpins of internal communications and data repositories. An attacker&apos;s access to such accounts often leads to sensitive internal data exposure and facilitates lateral movement within an organization, especially in hybrid or cloud-native environments.

## Initial Access Methodologies
We dive into the methodologies tested and refined in red team operations in our consultancy, to infiltrate Microsoft 365, which include:

- **Revival of Password Spraying**: The password spraying technique is revisited, utilizing AWS API Gateway proxying to bypass Microsoft&apos;s Smart Lockout. This innovative approach enables us to exploit often-seen gaps in multi-factor authentication (MFA) setups, which got us into highly-sophisticated clients. Microsoft&apos;s security team reported in January 2024 that one of their own tenants was compromised by a threat group using a similar approach.

- **MitM Phishing Via Productivity Apps**: Tools like Microsoft Teams can be leveraged for phishing, effectively circumventing traditional email controls. Our social engineering methodology employs Man-in-the-Middle (MitM) tactics to hijack post-MFA access tokens. We will outline key steps in readily setting up a believable front that gets past web filters.

## Post-Compromise

Our Tactics, Techniques, and Procedures (TTPs) for data mining, persistence and lateral movement within Office 365 are highlighted, and thereby the potential business impact too. Threat actors, and by extension attack simulations, target M365 more and more for a reason, and it&apos;s not just about breaking into accounts.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/MC3RN9/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Sunny Chau</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NAUZ9Y@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NAUZ9Y</pentabarf:event-slug>
            <pentabarf:title>Okta Terrify - Persistence in a Passwordless World</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T161000</dtstart>
            <dtend>20240427T164000</dtend>
            <duration>003000</duration>
            <summary>Okta Terrify - Persistence in a Passwordless World</summary>
            <description>We will take a deep dive into one of these solutions, the Okta Verify application and its FastPass feature.  We will first cover how Okta Verify and FastPass work, followed by a demonstration of persistence vectors available to attackers when an endpoint is compromised that is running Okta Verify.  A new tool will be demonstrated that will also be released to the community later in the summer.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/NAUZ9Y/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
            <attendee>Ceri Coburn</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SN8EC7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SN8EC7</pentabarf:event-slug>
            <pentabarf:title>Closing Speeches</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T164500</dtstart>
            <dtend>20240427T171500</dtend>
            <duration>003000</duration>
            <summary>Closing Speeches</summary>
            <description>Closing speeches and prize giving</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/SN8EC7/</url>
            <location>Main Room (Ballroom) - Track 1</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DY8SWE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DY8SWE</pentabarf:event-slug>
            <pentabarf:title>Decoding Neurodiversity: Spectrums aren&apos;t just for RF</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T092500</dtstart>
            <dtend>20240427T101000</dtend>
            <duration>004500</duration>
            <summary>Decoding Neurodiversity: Spectrums aren&apos;t just for RF</summary>
            <description>Through personal experience and awkward audience participation, be prepared for an exploration of the misconceptions surrounding neurodiversity, coupled with practical tips on fostering inclusivity. Discover how each of us can contribute to creating a more understanding and welcoming environment for individuals with diverse neurological profiles. This session promises to be both informative and enjoyable, as we delve into the complexities of neurodiversity with a personal touch.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Long Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/DY8SWE/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Illyana Mullins</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AC9KGJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AC9KGJ</pentabarf:event-slug>
            <pentabarf:title>Whatever you do, don&apos;t pull the plug!</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T101500</dtstart>
            <dtend>20240427T104500</dtend>
            <duration>003000</duration>
            <summary>Whatever you do, don&apos;t pull the plug!</summary>
            <description>Whatever you do, don&apos;t pull the plug!

A ticket has been logged, users are unable to open files and then you discover the ransom notes, and start seeing files changing before your eyes - what next? Isolate the hosts, pull the power, pray or go and make a cuppa?

This talk will cover a real life experience when someone did exactly that and pulled the power out of a storage array - with the best of intentions to prevent further damage, unbeknown that this would actually cripple the network! 

From stopping the attack, uncovering the lack of DR and backups, to reconstructing the environment and travelling across London with a server in the back of a black cab and then rebuilding. This is a real life tale about how a lack of incident response planning and knee jerk reactions can make things worse!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/AC9KGJ/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Pete G</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9WGWWS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9WGWWS</pentabarf:event-slug>
            <pentabarf:title>SOC Analyst&#8217;s Arsenal: Essential Tools, Tips and Tricks for Effective Investigations</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T105000</dtstart>
            <dtend>20240427T112000</dtend>
            <duration>003000</duration>
            <summary>SOC Analyst&#8217;s Arsenal: Essential Tools, Tips and Tricks for Effective Investigations</summary>
            <description>We will begin with an OPSEC warning after which we will explore SOC analyst tools that form the foundation of a SOC analyst&apos;s toolkit and highlight the most valuable functionalities. Main areas that will be covered:

- Reputation engines and related info
- Quick sandboxing
- Analysis of EVTX and malware
- Other useful tools

Additionally, we will share battle-tested tips and tricks used by experienced SOC analysts in the field. These insights will cover a range of topics, including:

- OSINT gathering
- Log manipulation and transformation
- Scripting and automation opportunities

Moreover, we will mention the importance of collaboration and knowledge sharing among SOC analysts and propose ways to leverage gamified tabletop exercises to ignite conversation and teamwork.

We will conclude the session with a few minutes for questions from the audience / suggestions of other tools or tricks they like.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/9WGWWS/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Samuel Kavaler</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NTWYXY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NTWYXY</pentabarf:event-slug>
            <pentabarf:title>Practical security challenges posed by AI adoption: Code Quality and Threat Modeling</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T112500</dtstart>
            <dtend>20240427T121000</dtend>
            <duration>004500</duration>
            <summary>Practical security challenges posed by AI adoption: Code Quality and Threat Modeling</summary>
            <description>1. INTRODUCTION - whoami
2. AI IN SOFTWARE ENGINEERING - How software engineers apply AI in their day to day job
3. LLM USE CASES - and a few thoughts about the security cost
4. SECURITY FRAMEWORKS AND BEST PRACTICES - Latest improvements in the field
5. DEMO
6. CLOSING REMARKS</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Long Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/NTWYXY/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Balazs Greksza</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>A8YPE3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-A8YPE3</pentabarf:event-slug>
            <pentabarf:title>Automating Binary Analysis With Machine Learning&#8230; and a bunch of scripts</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T121500</dtstart>
            <dtend>20240427T124500</dtend>
            <duration>003000</duration>
            <summary>Automating Binary Analysis With Machine Learning&#8230; and a bunch of scripts</summary>
            <description>*Reverse engineering, vulnerability research, binary analysis - all of these approaches and disciplines require skill and take time. This talk dives into supporting the latter, by covering what we can do to automate and accelerate approaches to binary analysis and in getting results, identifying findings, and spotting bugs and vulnerabilities quicker.*

During this talk we&#8217;ll cover a collection of approaches for accelerating binary analysis, covering a range of areas from onboarding new binaries, diffing code, and identifying vulnerabilities/similar code using ML. This will include:

- Quick wins you can implement right now to accelerate your manual analysis
- Approaches to developing your own automated approaches to binary analysis
- Where machine learning fits into this, and a collection of ML automation tooling</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/A8YPE3/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>James Stevenson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GB9VVT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GB9VVT</pentabarf:event-slug>
            <pentabarf:title>Securing Online Transactions: How to Keep Your Money Safe about IDOR vulnerability</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T133000</dtstart>
            <dtend>20240427T140000</dtend>
            <duration>003000</duration>
            <summary>Securing Online Transactions: How to Keep Your Money Safe about IDOR vulnerability</summary>
            <description>I need only HDMI</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/GB9VVT/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Ilkin Javadov</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PTKKCJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PTKKCJ</pentabarf:event-slug>
            <pentabarf:title>Dr. Strangequeries or: How I Learned to Stop Worrying and Write Better BloodHound Queries</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T140500</dtstart>
            <dtend>20240427T143500</dtend>
            <duration>003000</duration>
            <summary>Dr. Strangequeries or: How I Learned to Stop Worrying and Write Better BloodHound Queries</summary>
            <description>BloodHound is one of the most well-known tools in the hacker&apos;s arsenal when it comes to Active Directory exploitation. It offers the user a convenient way of visualising relationships within AD in order to find interesting attack paths. BloodHound even comes with pre-made queries that you can use to find quick-wins throughout the chosen domain. Unfortunately, these pre-made queries do not offer the full scope of paths you may wish to try in AD and may not do exactly what you want them to. 

Since BloodHound relies on Cypher queries against a neo4j database, one can simply write raw queries for use in the BloodHound GUI and neo4j web console in order to better query the AD datasets...if they can figure out the syntax that is...

This talk will (attempt to) demystify Cypher without assuming any prior knowledge of either it or BloodHound. The following will be covered:

- A very brief introduction into BloodHound, how it works and how it is used, aimed at those new to the tool
- Limitations of only using the pre-made scripts in BloodHound and how these can be solved with custom queries and the neo4j web console
- A more detailed look at Cypher syntax and how to write queries (with examples), alongside some common pitfalls
- Some example custom queries that I have found useful, including those I have used in engagements
- How to save custom queries and import them into BloodHound for later use

The need to cannibalise Cypher queries and build better queries came from the sometimes lax number of appropriate pre-built queries in stock BloodHound. Indeed, without the ability to restructure and write one&apos;s own, the risk of missing the next novel attack path is more apparent. Sometimes it&apos;s not that &apos;BloodHound did not find anything&apos;, it&apos;s that you, the user, failed to ask BloodHound the correct question.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/PTKKCJ/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Harry Williams</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SHNKCJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SHNKCJ</pentabarf:event-slug>
            <pentabarf:title>Client-Side Attacks in a Post-XSS World</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T144000</dtstart>
            <dtend>20240427T151000</dtend>
            <duration>003000</duration>
            <summary>Client-Side Attacks in a Post-XSS World</summary>
            <description>With the evolution of web frameworks and browsers, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) have become increasingly rare. In response, new classes of client-side vulnerabilities have emerged - DOM clobbering, XS-Leaks and client-side path traversals are just a few examples.

In this talk, we will explore the merits and potential pitfalls of various protections against XSS and CSRF, newer classes of client-side attacks and some real-world examples of their applications.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/SHNKCJ/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Zeyu (Zayne) Zhang</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HTZTKW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HTZTKW</pentabarf:event-slug>
            <pentabarf:title>I Know What You Did Last Summer</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T151500</dtstart>
            <dtend>20240427T154500</dtend>
            <duration>003000</duration>
            <summary>I Know What You Did Last Summer</summary>
            <description>Thought provoking look at how much personal information we share and exploratory look at how this can be used in targeted campaigns. 

During the talk attendees will learn what type of personal information is attainable by OSINT.

Workflow of an investigation into a target (using myself as an example)
  
Scenarios of how threat actors could utilise this data with real world examples.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk - Long</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/HTZTKW/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Sam Macdonald</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AE99SK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AE99SK</pentabarf:event-slug>
            <pentabarf:title>Is the biggest cyber security risk the lack of diversity?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T155000</dtstart>
            <dtend>20240427T160500</dtend>
            <duration>001500</duration>
            <summary>Is the biggest cyber security risk the lack of diversity?</summary>
            <description>The trials and tribulations of a career path, which never played into the stereotypes.
A truly honest picture of what risks can be remediated by a team which is more than just what&apos;s on paper to go further for ultimate diversity.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk  - Short</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/AE99SK/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Becky Hall</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>3PYQUV@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-3PYQUV</pentabarf:event-slug>
            <pentabarf:title>Modern Vehicle Sabotage</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T161000</dtstart>
            <dtend>20240427T162000</dtend>
            <duration>001000</duration>
            <summary>Modern Vehicle Sabotage</summary>
            <description>In this 10-minute talk, we will explore the critical role of the Controller Area Network (CAN-bus) in modern vehicles and its susceptibility to security vulnerabilities. Despite its age, the CAN-bus lacks essential security features, rendering it vulnerable to cyber threats in today&apos;s connected vehicle landscape. While efforts have been made to address these vulnerabilities, little attention has been given to assessing the potential impact of security measures on other vehicle components, particularly the Event Data Recorder (EDR). We will discuss the implications of this oversight and the importance of conducting comprehensive security assessments to ensure the integrity and functionality of connected vehicles. Through simulation-based experiments, we will underscore the need for holistic approaches to CAN-bus security and highlight avenues for future research and development in the field. Join us as we navigate between security features and vehicle functionality, aiming to pave the way for safer and more resilient connected vehicles.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Very Short Talk</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/3PYQUV/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Muhammad Yusuf Bambang</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GQ93WH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GQ93WH</pentabarf:event-slug>
            <pentabarf:title>Pocket-Sized Powerhouses: Exploring IDSs on Microcontrollers</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T163000</dtstart>
            <dtend>20240427T164500</dtend>
            <duration>001500</duration>
            <summary>Pocket-Sized Powerhouses: Exploring IDSs on Microcontrollers</summary>
            <description>The ESPRESSIF family of devices, particularly the ESP32, is among the most popular microcontrollers used in the Internet of Things (IoT) domain. The ESP32 is a dual-core system that can run tasks independently of each other. This dual-core architecture is leveraged to enhance the efficiency of IDSs implemented on these devices.

In a typical scenario, one core is dedicated to identifying potential threats or malicious activities, while the other core is responsible for sending telemetry data or alerts about these threats to a central system. This division of labour between the two cores ensures a seamless transition from threat detection to alert generation, enhancing the overall responsiveness and effectiveness of the IDS.

To further enhance the functionality of the device while ensuring it operates as intended, techniques like protothreading are employed. This means that the device can perform multiple tasks simultaneously, such as monitoring network traffic, analysing data for potential threats, and sending alerts, without any significant impact on performance.
However, implementing such a sophisticated IDS on a microcontroller does come with certain trade-offs, the most notable of which is increased power consumption. The additional processing required for threat detection and telemetry transmission can lead to higher energy usage, which can be a concern for battery-operated devices.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk  - Short</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/GQ93WH/</url>
            <location>Sophia Room - Track 2</location>
            
            <attendee>Vasilis Ieropoulos</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>U379K8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-U379K8</pentabarf:event-slug>
            <pentabarf:title>Exploring the socio-technical challenge: What even are human factors?! and why should I care?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T093000</dtstart>
            <dtend>20240427T133000</dtend>
            <duration>040000</duration>
            <summary>Exploring the socio-technical challenge: What even are human factors?! and why should I care?</summary>
            <description>Our lineup of speakers brings together experts from various disciplines, offering insights into psychological processes, economic investment, political landscapes, and industrial perspectives, all relating to cybersecurity. From the importance of habit in positive security behaviours to the economics of security investments, each talk promises a nuanced exploration of the human element in cybersecurity.
To complement the talks, multiple activities await attendees, including &quot;Technology, Threats, and Tradeoffs&quot;, an innovative research board game designed to immerse players in the dynamic environment of digital healthcare startup development. With a focus on cybersecurity and business investments, this game challenges players to navigate the complexities of strategic decision-making, as well as provides additional interactive sessions aimed at unravelling the essence of human factors.
Concluding the session, a panel of experts will tackle the fundamental questions surrounding human factors in cybersecurity, inviting discourse on the challenges, vulnerabilities, and future directions for human factors. Join us as we navigate the socio-technical terrain, striving to answer the critical question: What even are the human factors of cybersecurity?!

Talks
0930 - Start of HF village (Roath room) - opening remarks
0940 - Tobi Weickert (University of Bath) - Secure by Habit: Exploring the Role of Routine in Cybersecurity.
0955 - Mordecai Otter (Cardiff University) - Why human factors matter when designing digital defences.
1010 - George Raywood-Burke (Cardiff University) - Applying Theory to Practice: How Decision Making can be influenced in Cyber-Security.
1025 - Chris Locke (Admiral) - Agile Security Delivery
1040 - Elizabeth Kolade (University of Bristol) - Why is Cybersecurity a geopolitical issue?
1055 - Rob - Cross cultural differences in the perceived trustworthiness of online information.

Activities
1110 - Oishee Kundu, Tobi Weickert - Threats and trade-offs board game
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194;Victoria Marcinkiewicz - OSINT challenge
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194;Rob Peace/Chris Locke - Disinformation challenge
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194;General HF discussion - everyone/anyone

Panel - Exploring the socio-technical challenge: What even are human factors?! and why should I care?
1230 - Prof Phil Morgan (Cardiff University)
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194; Dr Oishee Kundu (University of Bath)
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194; Stephen Donovan (Admiral)
&#8194;&#8194;&#8194;&#8194;&#8194;&#8194; Victoria Marcinkiewicz (Cardiff University)

End of track - 1330</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Village</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/U379K8/</url>
            <location>Roath Room</location>
            
            <attendee>Victoria Marcinkiewicz</attendee>
            
            <attendee>Rob Peace</attendee>
            
            <attendee>Oishee Kundu</attendee>
            
            <attendee>Alicia Cork</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XP3JZU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XP3JZU</pentabarf:event-slug>
            <pentabarf:title>Lockpicking Village</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T093000</dtstart>
            <dtend>20240427T163000</dtend>
            <duration>070000</duration>
            <summary>Lockpicking Village</summary>
            <description>The combined TOOOL UK and UKLOCKSPORT.CO.UK team which last year provided the Lockpicking Village at BSides Bristol 23 and BSides London 23 would like to run a lockpick village at BSides Cymru 24.

We are proposing all the usual Lockpicking village content including skills transfer and maybe a competition or two.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Village</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/XP3JZU/</url>
            <location>Bute Room - Lockpicking village</location>
            
            <attendee>Rik Kershaw-Moore</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RJCAYC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RJCAYC</pentabarf:event-slug>
            <pentabarf:title>ICS Village</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T093000</dtstart>
            <dtend>20240427T163000</dtend>
            <duration>070000</duration>
            <summary>ICS Village</summary>
            <description>Industrial control systems, such as those controlling many aspects of critical infrastructure including energy, water and manufacturing, are increasingly the target of sophisticated cyber attacks. At the ICS village you can see practical attack demonstrations against real ICS devices, including demonstrations of attack scenarios which can cause physical processes to go wrong. Demonstrations include reconnaissance of ICS devices (and how Nmap can kill devices), the exploitation of programmable logic controllers and password cracking of human machine interfaces.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Village</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/RJCAYC/</url>
            <location>Sponsors Hall</location>
            
            <attendee>Joe Gardiner</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DWALNA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DWALNA</pentabarf:event-slug>
            <pentabarf:title>BattleBots</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20240427T093000</dtstart>
            <dtend>20240427T163000</dtend>
            <duration>070000</duration>
            <summary>BattleBots</summary>
            <description>BattleBots</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Village</category>
            <url>https://pretalx.com/bsides-cymru-2024/talk/DWALNA/</url>
            <location>Mezzanine</location>
            
            <attendee>Craig Jones, Clare Johnson + Stuart Criddle</attendee>
            
        </vevent>
        
    </vcalendar>
</iCalendar>
