Viet Luu
With a passion for offensive security and a knack for creative problem-solving, I lead and execute red team assessments that span physical security, social engineering, and wireless testing. My work involves conducting thorough internal and external network penetration tests and vulnerability assessments to identify and remediate security gaps.
I specialize in developing custom exploit tools to replicate real-world attacks, providing actionable insights and practical solutions to both common and unconventional security challenges. From start to finish, I manage project lifecycles with a focus on measurable impact and continuous improvement.
I’m dedicated to helping organizations strengthen their security postures and adapt to an ever-changing threat landscape — and I’m excited to share some of those insights with the BSides community!
Session
Case studies like DarkVishnya, where eight Eastern European banks lost tens of millions due to physical intrusion and malicious devices, highlight the critical importance of addressing physical security. SecureWorks has included physical intrusion in red team exercises since 2011, with the Japanese team's intrusion success rate remaining at 100%. This emphasizes the urgency of improving physical security.
This session leverages extensive penetration testing experience to illustrate differences in physical security practices between Japan and the United States, presenting real-world cases from both nations. It offers practical insights for effectively countering physical threats. Analysis indicates that Japan’s relatively lenient security, influenced by low crime rates, leaves organizations vulnerable to intrusions through social engineering and inadvertent staff cooperation. Conversely, the U.S. enforces stricter measures due to higher risk awareness but remains susceptible to vulnerabilities driven by human factors. Both countries must tackle their exposure to social engineering. Attendees will understand how cultural contexts shape security postures and gain actionable strategies to strengthen defenses against these weaknesses.