Adversary Tactics: Detection will provide you the understanding and ability to build robust detections, starting with the “Why?” and going all the way to the technical implementation of detecting threat actor activity. You will learn how to apply the methodologies and technical approaches practiced, regardless of the security toolsets deployed in your organization. We’ll walk you through starting with a detection engineering strategy first and then focusing on methodologies to build robust alerting, with the result of improving detection and response capabilities throughout security operations. Click here for Training Syllabus
The purpose of the Red Team Training is to understand the underlying concept of red teaming. The training will cover payloads generation, lateral movement techniques, initial foothold and internal reconnaissance. The training is aiming to provide a deep understanding of all the previously described aspects of a red team. Click here for Training Syllabus
Talks will be streamed on YouTube and Twitch for free.
In a world where MFA is enabled on every portal and everything is a web application, red teamers can access cookies and cached information from your browser to gain access to everything without knowing a simple password or having access to your MFA.
Charles F. Hamilton (Mr.Un1k0d3r) Director, KPMG Canada
Charles Hamilton is a Red Teamer, with more than ten years of experience delivering offensive testing services for various government clients and commercial verticals. In recent years, Charles has focused on covert Red Team operations against complex and secured environments. These operations have allowed him to hone his craft at quietly navigating a client's network without detection. Since 2014, he is the founder and operator of the RingZer0 Team website, a platform focused on teaching hacking fundamentals. The RingZer0 community currently has more than 40,000 members worldwide. Charles is also a prolific toolsmith and speaker in the Infosec industry under the handle of Mr.Un1k0d3r.
Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code. Click here for Training Syllabus
Greg Hatcher , White Knight Labs
Greg has a background in Army Special Forces and teaching Windows internals at the NSA. He also led a 3-man red team for CISA that specialized in attacking America’s critical infrastructure. He authored and teaches WKL’s flagship course, Offensive Development, at Wild West Hackin’ Fest and virtually on the Antisyphon platform. Greg is passionate about C programming for the Windows operating system and abusing Active Directory. Greg is an active member of the following organizations: Cloud Security Alliance, the Right Place, American Corporate Partners, West Michigan Technology Council. He regularly appears in the news discussing cyber warfare and the impact of Chinese APTs on America's critical infrastructure. Greg has the following certifications: GXPN, GCPN, CRTP, CISSP, GWAPT, and GSEC.
Dive deep into cutting edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from the internet and pointing it at a remote machine are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code. Click here for Training Syllabus
John Stigerwalt , White Knight Labs
John has worked as blue teamer, vCISO, developer, senior penetration tester, and red team lead. John served as the F-Secure red team lead for the western hemisphere. He has led long‐term red team engagements in highly complex Fortune 500 companies. He has worked together with Microsoft to increase kernel security for the Windows operating system. He has led training at BlackHat, DerbyCon, and Wild West Hackin’ Fest. He is the author WKL’s Advanced Red Team Operations course (ARTO). John has the following certifications: OSCP, OSCE, CRTP (Certified Red Team Professional), CRTE (Certified Red Team Expert), and SLAE (Assembly Language and Shellcoding). John is known as one of the most talented offensive cyber security experts in the world and can do whatever is asked of him on a computer.
As cloud innovation gives birth to new technologies and new threats, now is the time to modernize your cloud security skills and bring them up to the industry standard. Join this hands-on, 4-day course to push your cloud hacking and vulnerability remediation skills to the next level and widen your career prospects. Get your hands dirty with our popular virtual labs and learn from experienced, practicing penetration testers with a legacy of training at Black Hat. Click here for Training Syllabus
Manish Rohilla Principal Security Consultant, NotSoSecure
Manish is involved in day-to-day Penetration Testing for a broad range of NotSoSecure clients, which includes infrastructure and web application Penetration Testing. Typically, clients are Fortune 500 companies and major organisations based in Europe and the US. Client work tends to be carried out in a small team of usually three highly collaborative NotSoSecure Security Consultants, although some work that he involved with is done solo depending on the size of the project. Manish developed an interest in Computer Science at college, beginning with programming and .Net, moving on to networks and Cybersecurity. This led to university studies and a degree in Electronics & Communications Engineering and in 2018 a Masters in Cybersecurity. Before joining NotSoSecure, he worked in Digital Forensics, which involved extracting artifacts from systems that had been used in a criminal activity. In his spare time, he keeps his skills and industry knowledge up-to-date, undertaking various items of personal research in Penetration testing, Cloud Security and DevSecOps. He has also participated in various Conferences like Black Hat, Bsides and Local Null Chapters.
Do you feel pretty good about your Web Application Security testing methodology, but think you might be able to get more out of your tools? Years of experience providing instruction on the process of conducting Web Application Security assessments has made it clear. Even the most experienced testers lack a complete understanding of everything that is available in the industry's #1 Web Application Security testing tool: PortSwigger's Burp Suite Pro. It's time to fix that with Practical Burp Advanced Tactics (PBAT). Click here for Training Syllabus
Tim Tomes (Lanmaster53) Burp Suite Master, PractiSec
Application Security Engineer with extensive experience in the information technology and security industries. Experience ranges from software development to full-scope penetration testing (red teaming) as both a technician and leader for both the United States Military and private industry. Currently specializing in application security as a trainer and practitioner of web application penetration testing and secure software development.
At HackingHub we believe that truly effective security testing goes beyond simply learning about common web vulnerabilities. We approach hacking with an adversary mindset, focusing on objectives rather than just identifying isolated issues. In the real world, vulnerabilities don't exist in a vacuum – they can often be chained together by skilled hackers to maximize impact and reach an end goal. That's why our training emphasizes the power of combining vulnerabilities to paint a full picture of an application's security posture. In this advanced course, you'll learn about a range of critical flaws that could allow a malicious hacker to gain access to a company's infrastructure and sensitive data, including personally identifiable information (PII). Through hands-on labs and exercises, you'll practice thinking like an adversary and get a feel for how vulnerabilities can be exploited in sequence to devastating effect. Click here for Training Syllabus
At HackingHub we believe that truly effective security testing goes beyond simply learning about common web vulnerabilities. We approach hacking with an adversary mindset, focusing on objectives rather than just identifying isolated issues. In the real world, vulnerabilities don't exist in a vacuum – they can often be chained together by skilled hackers to maximize impact and reach an end goal. That's why our training emphasizes the power of combining vulnerabilities to paint a full picture of an application's security posture. In this advanced course, you'll learn about a range of critical flaws that could allow a malicious hacker to gain access to a company's infrastructure and sensitive data, including personally identifiable information (PII). Through hands-on labs and exercises, you'll practice thinking like an adversary and get a feel for how vulnerabilities can be exploited in sequence to devastating effect. Click here for Training Syllabus
At HackingHub we believe that truly effective security testing goes beyond simply learning about common web vulnerabilities. We approach hacking with an adversary mindset, focusing on objectives rather than just identifying isolated issues. In the real world, vulnerabilities don't exist in a vacuum – they can often be chained together by skilled hackers to maximize impact and reach an end goal. That's why our training emphasizes the power of combining vulnerabilities to paint a full picture of an application's security posture. In this advanced course, you'll learn about a range of critical flaws that could allow a malicious hacker to gain access to a company's infrastructure and sensitive data, including personally identifiable information (PII). Through hands-on labs and exercises, you'll practice thinking like an adversary and get a feel for how vulnerabilities can be exploited in sequence to devastating effect. Click here for Training Syllabus
This two-day course provides IT security professionals and ICS/OT engineers interested in ICS/OT security with the fundamental knowledge and skills required to build and expand an ICS/OT security team. Click here for Training Syllabus
Workshops are first-come, first-serve and have limited capacity. Some workshops may be streamed for additional passive participation.
The objective of the workshop is to learn how to use some powerful but intimidating tools while reverse engineering IOT devices: Angr, Unicorn and Qiling.
The workshop aim to show common use cases for each of these tools and also their limits.
To that end, the workshop will propose the following exercices:
Marc-andre Labonte was a system administrator for more than a decade at the McGill Genome Center while it was known as the McGill University and Genome Quebec Innovation Center. There, he took part in the design, deployment, operation and maintenance of the data center as it went through multiple upgrade cycles to accommodate ever powerful high throughput genome sequencers coming to market.
Then, he joined the ETTIC team at Desjardins in 2016 as infrastructure penetration tester. Currently doing vulnerability research on IOT devices, he also presented "Automated contact tracing experiment on ESP Vroom32" workshop at NSEC in 2021. His work is motivated by curiosity and a strong sense of personal privacy in a world of connected devices and data hungry organizations.
Workshops are first-come, first-serve and have limited capacity. Some workshops may be streamed for additional passive participation.
This is an introduction to crypto: building blocks, protocols and attacks on them. We cover: encoding vs encryption, hashes, ‘classic’ crypto, stream ciphers, block ciphers, symmetric crypto, asymmetric crypto, has attacks, classic crypto attacks, stream cipher attack, block cipher attack models, ECB attacks, crypto protocols, digital signatures, message authentication code, nonces, simple authentication, challenge response, simple authentication attacks (key collisions, key extraction and extension, replay, valet, bad counter resync), MAC attacks, digital signature attacks, pubkey substitution, challenge response attacks (middleperson attack, UDS style seed-key predictions), WPA2 password cracking, WPA2 key reinstallation, WPA2 key nulling, TLS/SSL middleperson attacks, SWEET32, DROWN, logjam, POODLE, UDS seed-key exchange attacks (reverse key algorithm, lift key algorithm, solve for unknowns, retry-retry-retry, brute force, glitch past).
Tools covered include: rumkin.com, hashcat, john the ripper, binwalk, radare2, binvis.io, Veles, airocrack-ng, mitmproxy, MITMf.
The workshop is a ‘101’ level: geared for people good at computers but maybe no knowledge of cryptography. There will be minimal math (I promise). We’ll talk mostly about how to break bad crypto and bad crypto algorithms with 10-15min hands-on sessions integrated into 4 hours of workshop: Decrypt ‘Crypto’, Break Hashes, Break Crypto, Visualize Crypto.
We will explore three applications of the building blocks and attacks also. Towards the end we tie-in the building blocks and attacks into how the following crypto protocols get broken: WPA2, TLS and UDS Seed-Key exchange (from automotive). Please join us for an intro-level exploration of cryptography building blocks, protocols and how to attack them. And, as always, crypto means cryptography.
Mr. Gardiner is an independent consultant at Yellow Flag Security, Inc. presently working to secure commercial transportation at the NMFTA and connected transportation with TMNA. With more than ten years of professional experience in embedded systems design and a lifetime of hacking experience, Gardiner has a deep knowledge of the low-level functions of operating systems and the hardware with which they interface. Prior to YFS Inc., Mr. Gardiner held security assurance and reversing roles at a global corporation, as well as worked in embedded software and systems engineering roles at several organizations. He holds a M.Sc. Eng. in Applied Math & Stats from Queen’s University. He is a DEF CON Hardware Hacking Village (DC HHV) and Car Hacking Village (CHV) volunteer. He is GIAC GPEN certified and a GIAC advisory board member, he is also chair of the SAE TEVEES18A1 Cybersecurity Assurance Testing TF (drafting J3061-2), contributor to several ATA TMC task forces, ISO WG11 committees, and a voting member of the SAE Vehicle Electronic Systems Security Committee. Mr. Gardiner has delivered workshops and presentations at several world cybersecurity events including the Cybertruck Challenge, GENIVI security sessions, Hack in Paris, HackFest and DEF CON main stage.
Talks will be streamed on YouTube and Twitch for free.
Nim has become the language of choice for a number of libraries and tools used by red-teamers and pentesters. Much like with Mimikatz and Cobalt Strike before, malicious actors have started putting some of the same tooling to their nefarious purposes . One such example is Mustang Panda, a China-aligned APT that started using Nim to create custom loaders for their Korplug backdoor. For attackers, using a less common language also has benefits when it comes to evading defenses and hindering analysts’ work; we have seen the same thing with the growth of malware written in Go and Rust. In this presentation, we will go over some of the specific challenges associated with analyzing Nim malware. We will then present tips and tools to help mitigate these difficulties. This will include the presentation of Nimfilt, our analysis script for IDA Pro that we will release shortly before the conference. Finally, we will demonstrate the use of Nimfilt and other publicly available tools on real malware samples .
Alexandre is a malware researcher at ESET since 2021. Working with the Montreal team, his research is focused on tracking APT groups and their toolsets.
He has previously presented about APTs and attribution at Botconf, Sleuthcon, Hackfest, and BSidesMTL. He is also involved in mentoring students getting started in infosec. His interests include operating systems fundamentals, writing shell scripts to automate tasks that don't always need to be automated, and brewing beer.
Talks will be streamed on YouTube and Twitch for free.
Did you know that ransomware groups are actually generous? They're so generous, in fact, that after putting all their time and effort into writing an exploit, they just share it with the internet for free! At GreyNoise, we've made it our mission to detect and categorize all traffic blasted onto the internet, which includes old exploits for old vulnerabilities, new exploits for new vulnerabilities, and everything in between. We'll show you what happens when an experienced exploit developer kicks back and lets others do the hard work - by building and deploying honeypots for emergent threats, we can spend our time analyzing what the baddies are up to, which vulnerabilities are actually being exploited, and who's being naughty. This talk will include real-world exploitation examples, including examples of exploits that would go on to join the Known Exploited Vulnerabilities (KEV) list. We'll Armed with that information, security teams can use their limited resources much more efficiently by prioritizing the vulnerabilities that are under attack!
Ron Bowes is a Lead Security Researcher on the GreyNoise Labs team, which tracks and investigates unusual--typically malicious--internet traffic. His primary role is to understand and track the big vulnerabilities of the day/week/month/year; often, that means parsing vague vendor advisories, diff'ing patches, reconstructing attacks from log files, and--most complex of all--installing and configuring enterprise software. When he's not at work, he runs the BSides San Francisco Capture the Flag contest, is a founder of The Long Con conference in Winnipeg, maintains a personal blog, and continues his question to finish every game in his Steam library.
Talks will be streamed on YouTube and Twitch for free.
LLMs are the hot new thing, and are exciting enough to even have their own OWASP Top 10 as of 2023! But are these vulnerabilities really any different from what we already see in more traditional web applications?
In this talk, Logan will explore the different vulnerability families from the new OWASP Top 10 for LLM Applications, discuss the different scenarios represented therein with a focus on real-world exploitation scenarios, and outline how they parallel the vulnerabilities that we've all grown to love and pwn over the years.
Attendees should leave this talk with a more complete understanding of the vulnerabilities manifesting in LLM applications, how these vulnerabilities can directly affect end users, and scenarios to be conscious of when developing for, or around, LLM applications.
Talks will be streamed on YouTube and Twitch for free.
Since we were children we wanted to go to the arcade and play for hours and hours for free. How about we do it now? In this talk I’m gonna show you some vulnerabilities that I discovered in the cashless system of one of the biggest companies in the world, with over 2,300 installations across 70 countries. We will talk about api security, access control and nfc among other things.
Ignacio Navarro, an Ethical Hacker and Security Researcher from Cordoba, Argentina. With around 6 years in the cybersecurity game, he's currently working as an Application Security. Their interests include code analysis, web application security, and cloud security. Speaker at Hackers2Hackers, Security Fest, BSides, Diana Initiative, Hacktivity Budapest, 8.8, Ekoparty. @Ignavarro1
Talks will be streamed on YouTube and Twitch for free.
This talk, centered around curiosity and its transformative power, reflects my personal exploration into uncharted territories, an area that few people are familiar with. Surprisingly, I had no prior experience with hardware hacking; everything I've learned so far, starting from scratch, thanks to countless YouTube tutorials and extensive PDF books.
I'm excited to share my discoveries and experiences thus far, highlighting the potential that curiosity holds in reshaping one's path. This talk aims to provide you with the fundamentals of protocols, types of devices, and the equipment needed to start. Additionally, I will guide you on how to undertake your first hardware hacking project on a connected device. Are you up for joining me on this adventure?
Formerly a firefighter in France 🇫🇷 🚒, I decided to pursue my passion for IT and especially offensive cybersecurity. Now a Pentester in Montreal 🇨🇦 for almost 3 years and an active member of HackersWithoutBorders North America, I am gradually specializing in internal and network intrusion testing.
Sharing our passion for this field, whether for awareness or education, is an important mission for me!
Feel free to contact me to discuss cyber or anything else over a beer :D 🍻
Talks will be streamed on YouTube and Twitch for free.
This talk examines the rise of crowdsourced DDoS attacks amid geopolitical events, focusing on the Russia-Ukraine and Israel-Hamas conflicts. Once the domain of well-resourced actors, large-scale attacks now involve networks of novices using open-source tools, provided there are enough individuals sympathetic to a particular political ideology or cause. To incentivize participation, hacktivists employ leaderboards, cryptocurrency rewards, and gamified ranking systems based on contributions to DDoS attacks. This transforms disruptive criminal attacks against services into a competitive and commoditized activity.
Talks will be streamed on YouTube and Twitch for free.
In 2014, we published a paper about Operation Windigo, where we described a cluster of server-side threats fuelled by Ebury, a backdoor and credential stealer injected into the OpenSSH server and client of compromised servers. That report shed light on web traffic redirections, delivery of Windows malware, and spam campaigns, all using Ebury-compromised servers.
After the arrest and extradition of one of the perpetrators in 2015, some of the monetization activities temporarily stopped, but not all of the botnet’s activities. Ebury continued to be updated and deployed to tens of thousands of servers each year, to reach a cumulative total of nearly 400,000 victims since 2009, the first year Ebury was seen. Moreover, we have discovered its operators have added more tools to their arsenal, such as Apache modules to exfiltrate HTTP requests or proxy traffic, Linux kernel modules to perform traffic redirections, and modified Netfilter tools to inject and hide firewall rules.
For this investigation we set up honeypots to collect Ebury samples and understand deployment tactics, and partnered with law enforcement. This gave us unique visibility into the perpetrators’ activities, which expanded to include cryptocurrency theft and possibly exfiltration of credit card details. We now have a better understanding of how they expand their botnet not only by stealing credentials, but also by actively trying to compromise the hosting provider’s infrastructure to deploy malware on all of the providers’ customer-rented servers. In some cases, this resulted in the compromise of tens of thousands of servers, hosting millions of domains.
The latest update to Ebury, versioned 1.8.2, was first seen in January 2024. In the past years, clever userland rootkit functionalities were added to Ebury, which make its detection a lot more difficult than before. From a system administrator’s perspective, not only is the malware file absent, but none of the resources it uses – such as processes, sockets, and mapped memory – are listed when inspecting the system.
This presentation not only reveals the latest toolset of the Ebury gang, but also discusses detection techniques to protect against some of the trickiest Linux threats. Some techniques are specific to Ebury, but most apply to the detection of any userland rootkit.
Marc-Etienne is a malware researcher at ESET since 2012. He specializes in malware attacking unusual platforms, whether it’s fruity hardware or software from south pole birds. Marc-Etienne focused his research on the reverse engineering of server-side malware to discover their inner working and operation strategy. His research led to the publication of the Operation Windigo white paper that won Virus Bulletin’s Péter Szőr Award for best research paper in 2014. He presented at multiple conferences including RSAC, FIRST, 44con, CARO and Linuxcon Europe. When he’s not one of the organizer, he loves participating in CTF competitions like a partying gentleman. Outside the cyberspace, Marc-Etienne plays the clarinet and read comics.
Marc-Etienne est chercheur en logiciels malveillants chez ESET depuis 2012. Il se spécialise dans les logiciels qui ciblent les plateformes inhabituelles, comme les ordinateurs avec des pommes ou des pingouins. Durant les dernières années, Marc-Etienne s'est concentré sur la rétro-ingénierie de logiciels malveillants s'attaquant aux serveurs, à la fois pour comprendre leurs fonctionnements et comment ils sont utilisés. Ses recherches ont mené à la publication du rapport Operation Windigo qui s'est mérité le prix Péter Szőr Award à Virus Bulletin pour meilleur rapport de recherche en 2014. Il a présenté à de multiples conférences incluant RSAC, FIRST, 44con, CARO Workshop et Linuxcon Europe. Quand il n'est pas dans le comité organisateur, il aime participer à des compétitions de sécurité (CTF) comme un gentilhomme en fête. En dehors du cyberespace, Marc-Etienne joue de la clarinette et lit des bandes dessineés.
Talks will be streamed on YouTube and Twitch for free.
Many are aware of clout-chasing influencers on social media such. However, many have not considered this cultural phenomenon transcending into the professional world. From "thought leaders" on LinkedIn to law enforcement agencies on Twitter, it is not just Instagram models sharing content with the primary goal of getting more 'likes' and followers. In this presentation, Mr. Myler highlights examples of Infosec influencers providing guidance that, at best, distracts from prioritized risk-based cybersecurity.
W. Garrett Myler, owner of Enclave Defense and proud U.S. Air Force Reservist, has over a decade of experience supporting threat intelligence and cyber operations within the U.S. Department of Defense - from strategic to tactical levels of operation. He has traveled the world performing vulnerability assessments on industrial control systems (ICS) supporting critical infrastructure. Mr. Myler is an experienced and engaging cybersecurity instructor and presenter and has trained professionals and addressed audiences from around the world. He is a CISSP, GIAC Certified Forensic Analyst, an ISA 62443 certified "expert", and has a Masters of Science in Digital Forensics and Cyber Investigation. Mr. Myler is honored to fill the roles of husband to his wife Julie and father to their five children.
Talks will be streamed on YouTube and Twitch for free.
Liam Neeson is coming for you. But how will he find you? Come to this talk to learn how the picture of a firetruck you took in front of your house and shared on Instagram two years ago will be the source of your demise.
In this talk, I will share how I developed this compulsive habit, in which I need to find where a picture was taken. We will cover how to perform open-source intelligence (OSINT) on publicly shared pictures and videos, which tools and techniques to use, accompanied with real step-by-step examples.
I believe that understanding how OSINT works is key to better protect ourselves online. I'm aiming to give you the tools and knowledge to be better cybersecurity professionals, and learn to be more careful and diligent online, all in a (hopefully) fun and engaging way.
Not convinced yet? This talk will also cover the following topics: metadata (d'oh!), physical keys (who doesn't like keys?), data in public registries, and conclude with Do's and Don'ts for everyone.
Patricia Gagnon-Renaud is a Cybersecurity Analyst in the Ethical Hacking team at GoSecure. She has a bachelor's degrees in IT engineering, is a licensed engineer, and more recently, has become a Certified Information Systems Security Professional (CISSP). Her interests include social engineering, physical security, lockpicking and urbanism.
Talks will be streamed on YouTube and Twitch for free.
Beyond the buzzword of 'supply chain security,' lies a critical, frequently ignored area: the Build Pipelines of Open Source packages. In this talk, we discuss how we’ve developed a data analysis infrastructure that targets these overlooked vulnerabilities. Our efforts have led to the discovery of 0-days in major OSS projects, such as Terraform providers and modules, AWS Helm Charts, and popular GitHub Actions. We will present a detailed attack tree for GitHub Actions pipelines, offering a deeper analysis than the prior art, and outlining attacks and mitigations. In addition, we will introduce a unique reference for 'Living Off the Pipeline' (LOTP) components, aimed at providing Red and Blue teams with a way to prioritize more risky scenarios.
François is a Senior Product Security Engineer for BoostSecurity, where he leads the Supply Chain research team. With over 10 years of experience in building AppSec programs for large corporations (such as Intel) and small startups he has been in the heat of the action as the DevSecOps movement took shape. François is one of founders of NorthSec and was a challenge designer for the NorthSec CTF.
Talks will be streamed on YouTube and Twitch for free.
Beyond the buzzword of 'supply chain security,' lies a critical, frequently ignored area: the Build Pipelines of Open Source packages. In this talk, we discuss how we’ve developed a data analysis infrastructure that targets these overlooked vulnerabilities. Our efforts have led to the discovery of 0-days in major OSS projects, such as Terraform providers and modules, AWS Helm Charts, and popular GitHub Actions. We will present a detailed attack tree for GitHub Actions pipelines, offering a deeper analysis than the prior art, and outlining attacks and mitigations. In addition, we will introduce a unique reference for 'Living Off the Pipeline' (LOTP) components, aimed at providing Red and Blue teams with a way to prioritize more risky scenarios.
Talks will be streamed on YouTube and Twitch for free.
This presentation, informed by a collaborative research project led by CDEACF, the Alliance des Maisons 2e Étape and the Lab-2038, addresses the critical need for specialized digital privacy strategies in support of Intimate Partner Violence (IPV) victims. Rather than looking at what advices security experts can give to IPV victims, we investigate how user experience, security settings and data governance pratices can directly impact their digital and physical safety. Our research highlights how generic, one-size-fits-all threat modelling and security policies by providers, including internet service providers, can inadvertently burden IPV victims. The talk emphasizes the importance of developing nuanced, victim-centred digital security approaches that acknowledge the unique challenges faced by IPV victims. It advocates for a collaborative effort among service providers, technologists, and social welfare experts to create more sensitive and effective digital privacy solutions tailored to the needs of IPV victims.
Corinne Pulgar brings a unique blend of technical expertise and social awareness to the field of digital security. With a Master's in Software Engineering from École de Technologie Supérieure (ETS) and a Bachelor's in Computer Science from Université du Québec à Montréal (UQAM), they possess a deep understanding of software development and security. They have shown a steadfast commitment to education through their contributions as a project manager and InfoSec at Lab2038 and a teaching assistant and lecturer at multiple institutions, including McGill University, ETS and UQAM. Her ability to translate complex technical concepts into accessible knowledge has made them a sought-after lecturer and mentor.
Corinne’s research, presented at conferences and published in journals, focuses on model-driven software engineering and DevOps, demonstrating their innovative approach to software development. Their work at the intersection of technology and inclusivity reflects their dedication to leveraging their technical expertise for social good, specifically in enhancing digital privacy and security for vulnerable groups. Their unique perspective, combining technical acumen with a passion for social impact, makes them an ideal speaker to address the critical issue of digital privacy in the context of IPV.
Talks will be streamed on YouTube and Twitch for free.
In a mobile-first world, user registration using only a phone number has become pretty common, this phone number has become the primary method of authentication due to its convenience and speed. These systems may or may not verify other details about the user, such as their email address and typically rely on Single Sign-On (SSO) identity Providers.
This talk explores the potential issues that can arise when multiple systems are used for authentication, and how these can lead to vulnerabilities. We will touch upon how authentication and authorization bugs can originate from user registration and how this can lead to full account takeover, password stealing, and denial of service. The speaker will draw from their own experiences in identifying and addressing these vulnerabilities, providing valuable insights into this common issue.
Finally, the talk concludes by discussing potential solutions and stronger controls that can be implemented to prevent these issues from occurring.
Attendee Takeaways * Security engineers will gain valuable experience in identifying and addressing authentication bugs, helping them to improve their skills in this area. * Developers will be encouraged to think more broadly about potential edge cases and vulnerabilities in their applications, leading to stronger and more secure authentication and authorization controls.
As an offensive security engineer at Microsoft, Priyank's primary focus is conducting security exercises that emulate real-world threats impacting billions of users. He is well known for his expertise in identifying high-impact vulnerabilities and has shared his research openly through various industry conferences.
His forte is web/mobile application security assessments, network penetration testing and secure source code reviews. In the past, he has advised F500 brands and startups and does mobile and IoT related research in his spare time.
As a new parent, he is now (re)learning hacking from his toddler who defeats all the "restrictions" to limit their mobility.