2025-08-05 –, Misora
This is our stage, set in early 2023, a nation state is prepping a campaign against several organizations - using similar TTPs.
Join us on an exhilarating journey through a massive incident response (IR) in an incredibly intricate setting. Picture this: A drone strike motivates a nation state to attack an organization and launch an InfoOps campaign. With over 30 distinct Business Units, each with its own unique IT structure. Every endpoint directly exposed to the vast expanse of the internet, boasting a class B IP range. And to top it off, varying levels of security hygiene.
But wait, there's more! The attackers unleashed a devastating ransomware attack, which, surprise, turned out to be successful. Countless terabytes of data held hostage, with no possibility of a key.
Fear not, for we have discovered a remarkable method to exploit this ransomware and reclaim the majority of the encrypted data. Prepare to witness the magic of resourcefulness, innovation, and the art of cracking cryptography. Brace yourself for a talk that will leave you in awe!
n/a
With nearly 35 years of experience in the cyber-security industry, Guy held various positions in both corporates and startups.
As the Co-Founder and CTO of the Incident Response company Profero, his focus is making incident response fast and scalable, harnessing the latest technologies and a cloud-native approach.
Most recently, he led Intel’s Predictive Threat Analysis group, which focused on securing machine learning systems and trusted execution environments. At Intel, he defined the global AI security strategy and roadmap. In addition, he spoke at dozens of events on the research he and the group have done on Security for AI systems and published several white papers on the subject.
Guy is the BSidesTLV chairman and CTF lead, a Public speaker in well-known global security events (SAS, t2, 44CON, BSidesLV, and several DefCon villages, to name a few), and the recipient of the Cisco “black belt” security ninja honor – Cisco’s highest cybersecurity advocate rank.
Brenton leads Incident Response engagements on a daily basis. From cloud sophisticated attackers to ransomware events. Brenton has a unique set of combined security research and DevOps experience allowing him to resolve many cyber-attacks while fully understanding the impact on production systems.