BSides Basingstoke 2024

Psychological safety is a key requirement for a functional workplace. It allows people to challenge ideas and behaviours without fear of negative repercussions and allows a safe place for people to share fears and problems with those who can make change. Security, unfortunately, often disregards the need and importance of psychological safety and instead doubles down on the fear and intimidation in an attempt to achieve its goals. This undermines not only people's trust in security, but also the likelihood of them sharing problems and reporting incidents. I’ll discuss how Security can improve and start becoming a psychological safe space.

This talk is about an adventure in auditing a few appliances from a specific vendor used in telephony networks and discovering a whole host of delicious low hanging fruit that resulted in multiple, undisclosed, full-chain remote root exploits being developed, impacting extremely sensitive parts of telecom networks.

It will go through some of the methodology used to find some wonderful bugs, and how to exploit them.

Traditional cyber defences rely heavily on blacklists and blocking suspicious emails/numbers. However, with phishing attacks becoming increasingly sophisticated, there's a need for a proactive approach to gather real-time threat intelligence. This talk explores the concept of social media honeypots – decoy accounts designed to attract malicious actors. By analyzing their interactions with these honeypots, we can gain valuable insights into current social engineering tactics, techniques, and procedures (TTPs) used by attackers.

Russian Active Measures, Dezinformatsia, and Maskirovka refer to tactics employed by the Russian government, intelligence agencies, and military to influence public opinion, sow discord, deceive, and manipulate information both domestically and internationally.

These tactics have been particularly visible in recent years with the rise of social media and digital communication, allowing for the rapid dissemination of misinformation and propaganda. Russia has been accused of interfering in elections, spreading disinformation about geopolitical events, and supporting extremist groups to further its own agenda.

We willingly share immense personal information about ourselves online disregarding the consequences of such actions. Privacy is now a word we bound around whilst simultaneously sharing with the world every aspect of our lives with no second thought. Social media, public databases and breach dumps are a treasure trove of information. From account takeovers, targeted phishing campaigns, fraud, stalking and blackmail we’ll see how threat actors can put the jigsaw pieces about us together to create a detailed attack profile.

This is the story of an extensive insider investigation. Our international investigation uncovers considerable criminal activities carried out by “the perfect employee”. We will cover overlooked signs of compromise, often ignored investigation techniques, and dissect the tactics employed to track down offenders.

At Pwn2Own 2023, the Zero Day Initiative introduced a new category, surveillance. This talk details how Interrupt Labs identified and exploited a vulnerability allowing us to achieve remote code execution on the Synology BC500 from a network adjacent perspective.

Please be aware this talk is not recorded and as such photographs/videos of the talk by attendees will also not be permitted