1.0 bsides-exeter-2025 2025-04-26 2025-04-26 1 00:05 https://pretalx.com https://pretalx.com/media/bsides-exeter-2025/img/GlitchLogo_52nIv8h.png UTC Auditorium Keynote 2025-04-26T09:00:00+00:00 09:00 00:40 Anticipatory governance in cybersecurity refers to proactive, forward-thinking strategies for managing cyber risks and enhancing resilience. It involves identifying potential threats, vulnerabilities, and future opportunities and challenges within the cybersecurity landscape, then preparing for them in advance. Rather than reacting to security incidents after they occur, anticipatory governance focuses on predicting and mitigating risks before they materialise. This talk will explore the key elements of anticipatory governance in cybersecurity, offering actionable insights for security practitioners. By embracing anticipatory governance, organisations can strengthen their security posture and navigate the increasingly complex digital ecosystem with agility, resilience, and trust. bsides-exeter-2025-66926-accelerating-progress-shifting-from-a-reactive-to-proactive-approach-in-cybersecurity Purple Heather Lowrie en true https://pretalx.com/bsides-exeter-2025/talk/7QKCSC/ https://pretalx.com/bsides-exeter-2025/talk/7QKCSC/feedback/ Auditorium Talk 2025-04-26T09:45:00+00:00 09:45 00:40 Join a seasoned SecOps lead as they dig beyond the financial & reputational impacts of cyber incidents and explore the often overlooked emotional toll, cultural shifts, and stresses that happen when they hit. Discover the far-reaching consequences, from sleepless nights and anxiety to organisational trauma, and go home with practical strategies to build resilience and protect your people before, during, and after attacks. bsides-exeter-2025-62937-aftermath-the-human-cost-of-ransomware Blue Adrian Taylor en false https://pretalx.com/bsides-exeter-2025/talk/UAWWPS/ https://pretalx.com/bsides-exeter-2025/talk/UAWWPS/feedback/ Auditorium Rookie Talk 2025-04-26T10:30:00+00:00 10:30 00:20 This talk provides a brief overview about how Large Language Models (LLMs) work, with a detailed explanation & live demonstration about how you can gather sensitive information from LLMs. This simulates how an attacker could gain information from new and emerging technologies. bsides-exeter-2025-62327-prompt-ing-the-injection-llms-under-attack Purple /media/bsides-exeter-2025/submissions/8Y8MPQ/Prompt-ing_The_In_5A9dt6q.png Smitha Bhabal en This talk begins by explaining the fundamental workings of LLMs, detailing how these models generate responses based upon the prompts they recieve. With this understanding, the session shifts focus towards specific vulns that arise when threat actors manipulate inputs to influence the models outputs. Through live demonstrations, attendees will seek how attackers can exploit these vulnerabilities, simulating real world scenarios where prompt injection is used to cause unintended behaviour or access confidential data. The talk will emphasise the importance of recognising these threats as LLMs become more integrated into applications across industries. This talk will finish with a summary of the elements, and how organisations could defend against these. false https://pretalx.com/bsides-exeter-2025/talk/8Y8MPQ/ https://pretalx.com/bsides-exeter-2025/talk/8Y8MPQ/feedback/ Auditorium Rookie Talk 2025-04-26T10:50:00+00:00 10:50 00:20 This paper will look at reasons why organisations use approved software lists, and why users (with little real understanding of security) find such lists increasingly frustrating, once they have found that they can do the job quicker and more effectively using their own apps. It also examines the role of BYOD in expanding this headache for managers of organisational systems, and how best practice of a hybrid approach to BYOD/organisation systems that embraces security issues can in turn reduce the more general problem of "Shadow IT". The follow on from this would be an academic paper examining the relationship between type of organisation culture and extent of Shadow IT. bsides-exeter-2025-64551-security-mismatch-organisational-users-have-different-it-expectations-from-system-administrators-using-organisational-culture-to-close-the-gap Blue Richard Henson en Computer users get more sophisticated in their use of applications every day. Organisations typically have one application type for each job function, and double-down on security for those applications and the platforms that support them. Users see their application use as quicker and more efficient than the official way, and take short-cuts, often breaking policy to do so. This has been happening for many years, and as apps get more sophisticated, the gulf between end-users and system administrators gets wider. What can be done to close the gap? The role of organisational culture is examined, and conclusions tentatively drawn. Academic research that followed based on types of organisational culture and extent of mismatch. All organisations would participate anonymously. false https://pretalx.com/bsides-exeter-2025/talk/AHBT98/ https://pretalx.com/bsides-exeter-2025/talk/AHBT98/feedback/ Auditorium Rookie Talk 2025-04-26T11:10:00+00:00 11:10 00:20 The 'Art of Threat Modelling' covers a high level overview of the what, why, how of threat modelling and how we all can threat model pretty much..... anything bsides-exeter-2025-65200-the-art-of-threat-modelling Blue Deleted User en Threat Modelling isn't boring! This talk is aims to show you this in a fun, fast paced and engaging way looking at: * The fundamentals of threat modelling * How you can Threat Model anything * The use of your operational data, such as threat intel or post incident reviews, to help better shape your outputs Enjoy false https://pretalx.com/bsides-exeter-2025/talk/D7MRHZ/ https://pretalx.com/bsides-exeter-2025/talk/D7MRHZ/feedback/ Auditorium Talk 2025-04-26T11:40:00+00:00 11:40 00:40 In this talk we'll dive into the world of Open Source Intelligence (OSINT), exploring how public information from online sources can be used to uncover personal (and sometimes private) details about yourself. You'll learn what a digital footprint is, how every action online contributes to your digital identity, and the potential risks associated with using social media. Most importantly, we’ll also go through actionable steps to help you safeguard your privacy and protect yourself from potential online threats. Whether you’re a beginner or want to deepen your understanding about your digital footprint, this session will help equipped you with the tools to stay safe in today’s social media driven world. bsides-exeter-2025-69107-how-to-hack-yourself Purple Stuart Baker en true https://pretalx.com/bsides-exeter-2025/talk/LAXSZ9/ https://pretalx.com/bsides-exeter-2025/talk/LAXSZ9/feedback/ Auditorium Talk 2025-04-26T12:20:00+00:00 12:20 00:40 Jack Hughes a leader of the Unit 42 Digital Forensics and Incident Response team will provide insight into the often-overlooked world of incident recovery. This talk draws on real-world experience and lessons from the front line of cybersecurity. Jack will discuss commonly observed mistakes that derail containment and recovery efforts based on the experience of leading hundreds of incidents globally. The session will walk through case studies, lessons learnt the hard way and methodologies for incident recovery that reduce the current and future risk of incident recurrence. Whether you're a seasoned incident responder or new to the field, this session will equip you with the insights and practical guidance to transform your approach to incident recovery. bsides-exeter-2025-64805-battle-tested-incident-recovery-lessons-from-the-front-lines Purple Jack Hughes en false https://pretalx.com/bsides-exeter-2025/talk/SRMVWC/ https://pretalx.com/bsides-exeter-2025/talk/SRMVWC/feedback/ Auditorium Keynote 2025-04-26T14:00:00+00:00 14:00 00:40 We as an industry have been heavily focused on the ransomware threat. A loud and dramatic threat that commands the attention of security professionals, governments and CEO’s globally but has possibly diverted some of our resources away from another increasingly concerning threat. Hacktivists seem like an old adversary that are the concern only of big banks and extractive industry organisations. This is a dangerous assessment. In this talk we will look at the rapid increase in their number, capability and motivation. Who are they? How do they select targets? How are they funded? Why do they pose a threat to you? What discussions do we need to have in 2025 to combat them? bsides-exeter-2025-64865-hacktivists-v2-0 Purple lisa forte en false https://pretalx.com/bsides-exeter-2025/talk/33CQKT/ https://pretalx.com/bsides-exeter-2025/talk/33CQKT/feedback/ Auditorium Talk 2025-04-26T14:45:00+00:00 14:45 00:40 Successful DevSecOps transformation is much more then putting tools in pipelines and declaring "shift left". The hardest shift to pull off is when it comes to nudging values towards digital safety, and in this talk I walkthrough the techniques and literature I use to do this at scale. We will cover theories from Organisational Change Management, Leadership and Influence, and how we can apply these social tools in the context of DevSecOps to help you make an impact. bsides-exeter-2025-65995-grand-social-engineering-devsecops-and-influence Purple Seb Coles en DevSecOps is more than just technology—it’s a fundamental shift in mindset, culture, and collaboration. While many organizations focus on tools and automation, the real challenge lies in leading people through this transformation. This talk will explore the psychological and organizational change management techniques essential for driving a successful DevSecOps journey. We’ll begin by examining a change model like Kotter’s 8-Step Change Model, a structured approach to transformation that helps organizations create urgency, build coalitions, and embed lasting change. Understanding these steps enables leaders to navigate resistance and foster buy-in at all levels. We will also look psychological safety, a critical factor in high-performing teams. Using David Rock’s SCARF Model we’ll explore how to create environments where developers, security, and operations teams can collaborate without fear. Psychological safety is the foundation for open discussions, continuous learning, and innovation in security practices. Finally, Influence and communication play a crucial role in transformation. We’ll discuss key techniques such as mirroring and active listening, which enhance trust and alignment. Understanding the principles of negotiation and persuasion allows leaders and change agents to align stakeholders, overcome objections, and drive meaningful action. I will talk through my own experiences applying these models in the context of DevSecOps. Whether you are a leader, engineer, or security professional, this talk will equip you with the tools to influence change, foster collaboration, and make an impact. false https://pretalx.com/bsides-exeter-2025/talk/FRL7UC/ https://pretalx.com/bsides-exeter-2025/talk/FRL7UC/feedback/ Auditorium Talk 2025-04-26T15:30:00+00:00 15:30 00:40 Cybersecurity is one of the fastest growing industries, and with that growth comes competition. You’re not only competing with other graduates from your university, but you’re also competing with passionate, self-driven individuals from the rest of the world who have been honing their skills inside and outside the classroom. If you want to stand out and land your first cybersecurity job, you need more than just a degree or certification. Employers are looking for passion, initiative, commitment and adaptability, all those things that can’t be taught in a classroom. As a manager for an Application Security (AppSec) team, I have reviewed hundreds, if not thousands of applications and conducted several hundred interviews. I’ve seen firsthand what makes a candidate stand out and outshine other candidates. Our recruitment is heavily focused on junior roles out of necessity, as we are located far from metropolitan areas and can’t easily attract already established senior professionals. However, my insights might be useful for more senior roles and even roles outside AppSec and Cybersecurity as well, but again, my target group for this paper is junior roles in Ethical hacking. In this talk, I’ll share my real-world insights from hiring and mentoring cybersecurity professionals and show you how to differentiate yourself. I'll share what I look for in candidates, the mistakes to avoid, and hopefully share what makes someone to truly standout and be more hirable. By the end of this talk, you’ll have a clear action plan for building your skills, personal brand, and network so you can land that first job with confidence. It’s a lot of hard work, but trust me, it will make a difference, not just in the short run, what you do from today, will impact the rest of your career. bsides-exeter-2025-65953-hacking-the-job-market-double-your-chances-of-landing-an-ethical-hacker-role Purple /media/bsides-exeter-2025/submissions/YVFNNG/hired_CSFtN6D.PNG Mikael Svall en false https://pretalx.com/bsides-exeter-2025/talk/YVFNNG/ https://pretalx.com/bsides-exeter-2025/talk/YVFNNG/feedback/ Auditorium Keynote 2025-04-26T16:30:00+00:00 16:30 00:40 Malware is constantly evolving, much like biological viruses that adapt over time in response to our defenses. I like to analyze malware as if it were a living entity, driven by the ultimate goal of survival. Just as Evolutionary Game Theory (EGT) is used to study biological evolution, what if we applied it to malware evolution as well? In this talk, I’ll explore how EGT can help us understand why malware behaves the way it does and how different strategies shape its evolution. From one-shot viral outbreaks like the ILOVEYOU worm, to stealthy shape-shifters like Simile, adaptive threats like Emotet, and symbiotic threats like CrackedCantil, we’ll examine how attackers develop survival tactics—some aggressive, some deceptive, and some even collaborative. And just like in nature, where species must adapt or go extinct, I’ll discuss how defenders can use EGT principles and lessons from nature to anticipate future malware threats and build stronger defenses. bsides-exeter-2025-64801-the-un-natural-history-of-malware Purple /media/bsides-exeter-2025/submissions/7BBYE8/lena_pic_2_JTLGxWE.PNG Lena Yu en false https://pretalx.com/bsides-exeter-2025/talk/7BBYE8/ https://pretalx.com/bsides-exeter-2025/talk/7BBYE8/feedback/ Seminar Room 1 Talk 2025-04-26T09:45:00+00:00 09:45 00:40 You have probably heard of the move to professionalise the cyber security industry, but why should you care? Whether your focus is on red teaming, pen testing, vulnerability scanning or threat intelligence, you need to understand the shift in the industry that will, at some point in your career, have a fundamental effect on the way that you record achievement, demonstrate competence and define your experience. I'll talk you through the changes and how to align your career pathway with them. bsides-exeter-2025-62665-why-should-professionalism-matter-to-you Purple /media/bsides-exeter-2025/submissions/SD3YF8/Chartership-600x4_aIg3ujd.png Debi McCormack en I will provide a detailed synopsis of the move to professional registration that has been instigated by the UK Cyber Security Council, backed by central Government and funded by DSIT. There is still confusion in the technical security community about why a Professional Title matters, so I will explain the direction and the effect this is going to have on job searches in the near future. I will also talk about CPD, ethics and standards, and giving back to the industry, and how this should be recorded if you are an offensive consultant - what counts, what doesn't, and what YOU think should count. I'll ask attendees to give me their opinions about this and the move towards professionalisation as a whole. I'll open the floor to questions so we can discuss whether you think this is a good idea, how much you're willing to invest on your individual career path, and how to progress from Associate to Chartered status as your career progresses. false https://pretalx.com/bsides-exeter-2025/talk/SD3YF8/ https://pretalx.com/bsides-exeter-2025/talk/SD3YF8/feedback/ Seminar Room 1 Rookie Talk 2025-04-26T10:30:00+00:00 10:30 00:20 In today’s world cryptocurrency is becoming an area of interest for just about anybody. We constantly hear about it in the headlines, the thousands to billions being stolen, made or gone missing. In most cases, the seed phrase is the master key to all of this news. But how secure is it, really? From phishing scams and malware to sophisticated supply chain attacks, hackers, insiders and that shy teenager in their mom’s basement, are constantly evolving their tactics to hijack seed phrases and drain wallets. bsides-exeter-2025-65977-hodl-your-keys-how-seed-phrases-get-stolen Purple Mykhailo Shtepa en In this talk, we will break down how crypto wallets work, how seed phrases are generated, and the most common ways they get compromised. More importantly, we'll arm you with best practices to keep your crypto safe. Whether you're a seasoned trader or just starting out, this session will help you fortify your defenses in the ever-evolving landscape of digital finance. false https://pretalx.com/bsides-exeter-2025/talk/NRP3EG/ https://pretalx.com/bsides-exeter-2025/talk/NRP3EG/feedback/ Seminar Room 1 Rookie Talk 2025-04-26T10:50:00+00:00 10:50 00:20 In the dark shadowy depths of auditing, you can see a plethora of nonconformities lurking - relentless, chaotic and recurring. Time and time again, these common pitfalls can catch companies off guard, undermining their Information Security Management System (ISMS). Whether you're an auditor, implementer or just a curious soul looking to unravel the mysteries of an ISMS, we'll take a look at the top five nonconformities (personally rated by me) and more importantly, the best mitigations and methods you can employ to prevent these devious traps from recurring! bsides-exeter-2025-64797-one-flew-over-the-auditors-nest-dodging-the-pitfalls-of-compliance Blue Chris en An Information Security Management System (ISMS) is the backbone of an organisation's approach to tackling information security. The most widely known ISMS framework, lauded through the Halls of Compliance, is ISO27001. You've probably heard of it! The ISMS is there to provide a structured approach in protecting organisational and client data in a way that is best suited to the business needs. Some businesses may have an ISMS to generally improve their information security, others may try to implement one for tendering purposes. Though many understand generally what is required, many misinterpret, overlook or outright miss areas that could result in the very foundations of the ISMS crumbling and cracking. "But what are these areas that are so often missed?" I hear you cry. An excellent question! In this talk, I will uncover the five most common nonconformities and how to effectively remediate them that I've encountered during my 4 year tenure as an ISO27001 Lead Auditor. Though the talk will primarily be focused on ISO27001, the knowledge gained can still be applied to any ISMS, regardless of the framework. So come along so you can learn from these experiences and help improve your own ISMS or - if you're an auditor or implementer - further improve your knowledge! false https://pretalx.com/bsides-exeter-2025/talk/VJACQJ/ https://pretalx.com/bsides-exeter-2025/talk/VJACQJ/feedback/ Seminar Room 1 Rookie Talk 2025-04-26T11:10:00+00:00 11:10 00:20 Karate is a martial art focused primarily on improving self-defence, recognising different types of attacks and being prepared to react to them in an efficient way. Sound familiar? Its enduring legacy offers us many lessons that we can bring into our workplaces to strengthen our security. Also, Cobra Kai has made it cool all over again, so tie on a patterned headband, grab a bonsai tree, and join me to explore how karate can help us improve security. Please note that no previous experience is necessary, and no audience members will be "volunteered" for demonstrations. bsides-exeter-2025-65884-black-belt-security-lessons-from-karate Red Rudi van der Heide en The presentation will start with an introduction and explanation of why I'm talking on this topic. I will explain that as a Nidan (second dan) black belt in karate working in cybersecurity, I'm in a position to draw lessons between the two. It will then say what it will not be: a karate class, Cobra Kai, or a history lesson. The main part of the presentation will consider the three main aspects of karate, kihon (basics), kata (set patterns of moves), and kumite (sparring). It will explain what each of these areas are, what they require from the practitioner, and how they apply to cybersecurity. This will be backed up with anecdotes and examples that I've gathered during my time learning karate. After the three main areas, the presentation will cover the "black belt level" of tips, the lessons that might not be obvious to a beginner but become clearer as they progress through the grades. The presentation will take a light-hearted approach, avoiding technical descriptions or confusing jargon. No previous experience or knowledge of karate will be required. false https://pretalx.com/bsides-exeter-2025/talk/W9CQR7/ https://pretalx.com/bsides-exeter-2025/talk/W9CQR7/feedback/ Seminar Room 1 Talk 2025-04-26T11:40:00+00:00 11:40 00:40 Cyber incidents can affect organisations of any size or sector, at any time, so it’s crucial that you have a plan in place to ensure you can respond, recover and continue operating. This session will highlight some of the current best practices in incident response based on cyber crime investigations here in the South West as well as nationally recognised guidance. bsides-exeter-2025-66197-ctrl-panic-alt-response-plans-del-the-drama-best-practices-for-incident-response Blue /media/bsides-exeter-2025/submissions/ZJ8PKK/SWRCCU_Logo_JPG_aL6ZQun.jpg South West Regional Economic and Cyber Crime Unit (SWRECCU) en Over 50% of organisations in the UK experienced a cyber breach or attack in the last 12 months, yet only 22% have a formalised incident response plan (DSIT Cyber Breaches survey). With organisations now relying on digital systems to operate, it’s important to consider what you do when things go wrong. Who do you contact? Who is responsible for what? Should technical teams just switch everything off? Do we send all our staff to the pub whilst we figure this out? These are just some of the questions that businesses should consider when building their incident response plans and the technical response to an incident. The session will signpost attendees to a number of free incident response resources, and we will cover what you can expect from a law enforcement response to cyber attacks. false https://pretalx.com/bsides-exeter-2025/talk/ZJ8PKK/ https://pretalx.com/bsides-exeter-2025/talk/ZJ8PKK/feedback/ Seminar Room 1 Talk 2025-04-26T12:20:00+00:00 12:20 00:40 Should a three-year-old have their own phone? Children face numerous dangers online, from cyberbullying and predatory behaviours to data privacy risks. This talk explores the key challenges kids encounter on the internet and the evolving threats they face. We'll discuss the importance of building awareness among parents, educators, and IT professionals, and look into strategies to protect children in a connected world. bsides-exeter-2025-65971-the-uncomfortable-war-keeping-kids-safe Blue Joe wells en As children become more immersed in the online world, they face unprecedented risks that many parents, educators, and even security professionals struggle to keep up with. From cyberbullying and online predators to exposure to inappropriate content and data privacy concerns, protecting kids online is becoming increasingly challenging. In this discussion, we will explore the most pressing dangers children face today, and provide practical, actionable steps that adults can take to safeguard young users. We'll cover tools, techniques, and strategies (and maybe even make a few of our own!) to help create a safer online experience for the next generation of potential security leaders...maybe. false https://pretalx.com/bsides-exeter-2025/talk/KVVXM3/ https://pretalx.com/bsides-exeter-2025/talk/KVVXM3/feedback/ Seminar Room 1 Talk 2025-04-26T14:45:00+00:00 14:45 00:40 We tend not to pay too much attention to things which are so familiar that we don't always see their true potential or value... like the faithful dog that guards the house or goes to get help if their owner is injured. The good news is that something is already in every corporate and home environment, but do we leverage it to enhance our security posture... not very often, instead favouring the new shiny tools or latest marketing must have, but yet we still see breaches, ransomware and scams... whether you know it or not we all have a super pet or hero dog in our houses and it can help! bsides-exeter-2025-65269-super-pets-the-hero-you-didn-t-know-you-had-in-your-house Blue /media/bsides-exeter-2025/submissions/CDBWSY/Dog_with_sunnies_qJWni6i.jpg Gary Cox en This session will dive into traffic distribution systems, how they work and how they are leveraged by criminal groups. Most importantly we'll discuss how we can look to defend ourselves. false https://pretalx.com/bsides-exeter-2025/talk/CDBWSY/ https://pretalx.com/bsides-exeter-2025/talk/CDBWSY/feedback/ Seminar Room 1 Talk 2025-04-26T15:30:00+00:00 15:30 00:40 Think slaying vamps is tough? Try battling ransomware. This talk flips the script, proving Buffy's not just awesome at slaying demons – she's a cybersecurity guru in disguise. We'll dissect her tactics: threat modeling, rapid response, training and awareness, security tools and techniques, and the crucial power of the Scooby Gang. Forget silver bullets, we're talking firewalls and threat intel. Learn how Buffy's intuition and experience translate to real-world cyber defense, and why even The Chosen One needs a team. Because in cybersecurity, just like in Sunnydale, you're never fighting alone. bsides-exeter-2025-65878-buffy-vs-phishing-slaying-cyber-threats-sunnydale-style Blue Andreea Mihai en false https://pretalx.com/bsides-exeter-2025/talk/UHAECY/ https://pretalx.com/bsides-exeter-2025/talk/UHAECY/feedback/ Seminar Room 7 Talk 2025-04-26T09:45:00+00:00 09:45 00:40 Do you trust the embedded devices around you? Perhaps you shouldn't! Even industry giants make significant mistakes. In this presentation, we will analyse Cisco's VoIP phones, that can be found in offices, governmental buildings, and even the White House. These devices were found to have critical vulnerabilities, including easily exploitable flaws. Fun Fact: Did you know that President Biden and Trump used these phones? Among the vulnerabilities discovered was unauthenticated packet capture, allowing attackers to intercept and listen to any phone call made or received on the device. We'll demonstrate live how simple it is to intercept, reconstruct, and listen to a phone call. This presentation will dive into other issues uncovered during the blackbox testing of these devices. We'll also discuss what Cisco could have done differently to prevent these vulnerabilities and provide guidance on how to avoid similar pitfalls. Additionally, we are going explore the challenges and importance of thorough blackbox testing. Join us for a comprehensive look at the security flaws in trusted devices and learn how to protect against them. bsides-exeter-2025-62917-is-your-phone-spying-on-you-an-in-depth-analysis-of-vulnerabilities-in-cisco-voip-phones Red Balazs Bucsay en false https://pretalx.com/bsides-exeter-2025/talk/HDPXVF/ https://pretalx.com/bsides-exeter-2025/talk/HDPXVF/feedback/ Seminar Room 7 Rookie Talk 2025-04-26T10:30:00+00:00 10:30 00:20 A 20-minute presentation on my journey from working in oil & gas into becoming a Senior CTL APP Pentester and all the challenges I have faced since moving into cyber 3 years ago. This will be aimed at encouraging people to explore their soft skills, and that technical skills aren’t all you need. Key points in the talk will include self-development, tips on resources to use, things I’d do differently and my goals going forward. It is aimed at students/graduates/people looking to transition into cyber security. The talk will be interactive and will contain some technical information, however this is considered a careers talk, not a technical talk. bsides-exeter-2025-65903-zero-to-pentester-my-root-into-cyber Purple Ross Mitchell en This presentation focuses on my transition into cyber security from oil & gas, and how I transferred skills from a completely different role and industry to succeed in my current day-to-day role. There seems to be a misconception in the security space which leans on the idea that success in this industry only comes from graduating from university with a degree in cyber security. Penetration testing is a consultancy-focused role (or should be), therefore client communication is a key skill. Having the ability to effectively communicate technical information to a non-technical audience is a prime example of a skill that makes a great consultant. For example, there's a critical difference between being able to execute a complex DOM-based Cross-Site Scripting attack and the ability to explain the risk of the attack, and how it could be leveraged to contextually affect a specific system. Although certain technical aspects will be noted in this talk, it is more weighted towards having the correct mindset and objectives. Moving from a completely different industry into one as technical as ethical hacking can be daunting, and navigating the plethora of information available can be a task in itself. However, it’s important to maintain a positive outlook and set reasonable goals, as mindset is far more powerful than prior knowledge. The old saying goes: "Give a man a fish, and you feed him for a day. Teach a man to fish, and you feed him for a lifetime." The same applies to learning in cyber security. You can either gain knowledge to overcome a single task or adopt a mindset and work ethic that allow you to tackle a hundred tasks. This goes both ways—employers should recognise talented candidates based on proven work ethic and drive, demonstrated through achievements on platforms like Hack The Box, TryHackMe, TCM Security, A Cloud Guru, and YouTube, rather than overlooking them simply for not holding a cyber security degree. In this talk, I delve into how I progressed to the level of a Senior CTL APP Pentester, providing actionable tips for industry newcomers and those looking to transition into cyber security. false https://pretalx.com/bsides-exeter-2025/talk/LQTB8N/ https://pretalx.com/bsides-exeter-2025/talk/LQTB8N/feedback/ Seminar Room 7 Rookie Talk 2025-04-26T10:50:00+00:00 10:50 00:20 This case study, explained by 2 master's students, dives into the Spectre and Meltdown vulnerabilities, which were exploited to target the CPU architecture design aimed at enhancing performance. Retrospectively, the system had failsafes in place to address this issue, but they were not deployed quickly enough, to prevent this exploit. Attackers leveraged the "Least Recently Used" logic to breach the hardware layer from the software layer, leading to one of the most significant threats in history. Major companies were hesitant to release information until they had a firm solution to ensure public safety. This talk will showcase how the attack was carried out and what countermeasures were implemented to stop this exploit from being carried out in today's world. bsides-exeter-2025-65997-analyzing-the-impact-of-spectre-and-meltdown-vulnerabilities-on-modern-computing-systems-a-case-study Red /media/bsides-exeter-2025/submissions/FBYR9G/sm_7GAbK7f.jpg Mohammed Mohtesham AliAbhishek Aggarwal en The Illusion of Safety Superimposed on a System Prioritizing Performance Over the years, in their pursuit of fine-tuning hardware architecture to meet our aspirations of performance and safety, designers faced a fundamental question: which one can we deliver to the public while maintaining their trust that this is a secure system? However, this delicate balance was shattered when a fatal flaw was discovered, affecting modern architectures in a way that wasn't fully preventable by software patches alone. false https://pretalx.com/bsides-exeter-2025/talk/FBYR9G/ https://pretalx.com/bsides-exeter-2025/talk/FBYR9G/feedback/ Seminar Room 7 Rookie Talk 2025-04-26T11:10:00+00:00 11:10 00:20 A beginner-friendly session aimed at running through common pain-points within the penetration testing process and how automation and scripting can be introduced to help alleviate these issues using Python and Bash. This session explores automating web requests, managing and manipulating large datasets, and generating customer-appropriate outputs to help testers improve efficiency without advanced coding knowledge. Attendees will leave with practical techniques and examples to build custom scripts that streamline workflows and improve testing consistency. bsides-exeter-2025-65979-custom-scripts-and-tools-for-pen-testing-a-beginner-s-guide Red Adam Crease en false https://pretalx.com/bsides-exeter-2025/talk/JTGJXG/ https://pretalx.com/bsides-exeter-2025/talk/JTGJXG/feedback/ Seminar Room 7 Talk 2025-04-26T11:40:00+00:00 11:40 00:40 Modern manufacturing relies heavily on highly integrated IT systems. While various terms -- such as Industry 4.0, Cyber-Physical Production Systems, and the Industrial Internet of Things (IIoT) -- describe these systems, they all share a common characteristic: the fusion of enterprise software with sensors and actuators. This creates a complex IT landscape comprising devices with diverse computational capabilities, operating systems, and software versions. Additionally, many manufacturing environments must integrate legacy systems that were never designed to be connected to the internet, further complicating security efforts. Beyond the inherent challenges of securing such heterogeneous environments, cyberattacks on manufacturing systems can have severe real-world consequences, extending beyond data breaches to physical disruptions and costly damages. In this talk, I will first provide a brief introduction to modern manufacturing systems. I will then explore key cybersecurity threats, with a particular focus on attacks targeting process logic vulnerabilities that can be exploited by both external threat actors and insiders. As far as possible, identified threats will be illustrated by real world attacks. I will conclude the talk with a brief outlook on ongoing research developing tools to detect (and mitigate) cybersecurity threats in modern manufacturing. bsides-exeter-2025-65996-cybersecurity-threats-and-attacks-in-modern-manufacturing Red Achim D. Brucker en false https://pretalx.com/bsides-exeter-2025/talk/KYLMU8/ https://pretalx.com/bsides-exeter-2025/talk/KYLMU8/feedback/ Seminar Room 7 Talk 2025-04-26T12:20:00+00:00 12:20 00:40 Despite HTTP Request Tunnelling's resurgence in recent years with the advent of [HTTP/2 Desync Attacks](https://portswigger.net/research/http2#h2desync), its much bolder big brother HTTP Request Smuggling has stolen the limelight, leaving cases of desync-powered tunnelling buried for all but the most dedicated tunnelling enthusiasts. In this session I will reveal the discovery of wide-spread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and `redacted` including the creation of a novel detection technique that combined the recently popularised "Single-Packet Attack" with our ever-trusty HTTP desync techniques. Throughout the presentation I will also explore the complexities of navigating security research for the first time, drawing parallels from the advice given in [so you want to be a web security researcher](https://portswigger.net/research/so-you-want-to-be-a-web-security-researcher) and illuminate the ease through which existing tooling from industry leading researchers can be adapted in order to rapidly test your own ideas even with a rudimentary understanding of programming. bsides-exeter-2025-65236-the-single-packet-shovel-digging-for-desync-powered-request-tunnelling Red Thomas Stacey en false https://pretalx.com/bsides-exeter-2025/talk/CNHPUV/ https://pretalx.com/bsides-exeter-2025/talk/CNHPUV/feedback/ Seminar Room 7 Talk 2025-04-26T14:45:00+00:00 14:45 00:40 Cobalt Strike started as a legitimate red team tool for simulating adversarial attacks; however, its powerful capabilities have made it a frequent target for abuse by APT groups, hacktivists, and cybercriminals. This talk outlines an automated, large-scale approach to harvesting Cobalt Strike payloads from VirusTotal and de-obfuscating them to extract key Indicators of Compromise (IOCs). By analysing these beacons at scale, we transform raw malware data into actionable threat intelligence—helping defenders stay one step ahead of adversaries who exploit Cobalt Strike for malicious gain. bsides-exeter-2025-62326-beacon-harvest-conquering-cobalt-strike-at-scale Red Ben (@polygonben) en Although Cobalt Strike was originally developed for ethical hacking and red teaming, the platform’s robust features have increasingly drawn the attention of malicious actors. From state-sponsored APTs to hacktivists and cybercriminals, adversaries leverage Cobalt Strike for sophisticated and stealthy attacks. In this session, we will demonstrate our end-to-end process for: - Continuously harvesting Cobalt Strike payloads from VirusTotal - Automating the de-obfuscation of extracted samples - Identifying and extracting key IOCs, such as C2 infrastructure and configuration details We will walk through the custom scripts and tooling that power this pipeline, sharing the challenges and lessons learned in scaling up analysis. Attendees will see how to convert vast quantities of malware data into timely, actionable intelligence to enhance detection, incident response, and overall security posture. By studying these real-world payloads, defenders can better understand how threat actors abuse Cobalt Strike and apply those insights to fortify their defences. false https://pretalx.com/bsides-exeter-2025/talk/D3TBA7/ https://pretalx.com/bsides-exeter-2025/talk/D3TBA7/feedback/ Seminar Room 7 Talk 2025-04-26T15:30:00+00:00 15:30 00:40 For over 11 years the final two iPod nano models somehow managed to evade the best efforts of even the most tenacious hackers to subvert - something which I took personally. The first public jailbreak of an Apple device was a prize simply too enticing to ignore. In this talk I'll explain how I went from zero access to full, persistent and unobstructed control over the entire device. Join me on this tale of ancient font formats and blindly trying to leak bits out of the darkness.... bsides-exeter-2025-65799-paint-me-like-one-of-your-firmwares Red Callum T en true https://pretalx.com/bsides-exeter-2025/talk/33YKMS/ https://pretalx.com/bsides-exeter-2025/talk/33YKMS/feedback/