Mini-Meets

Talk 1

Breaking the Shield: Bypassing FortWeb WAFs and Zscaler ZIA - Darren McDonald

This short talk dives into bypassing IaaS solutions, showcasing a couple of methods to slip past FortWeb Cloud WAFs and Zscaler ZIA. Compared to traditional infrasture, it's sometimes unclear exactly whats going on and for systems to make false assumptions leading to some low tech and easy bypasses.

Talk 2

Driving Change: A supply-runner's tale - Vic Harkness

Nobody has come from the future to tell Vic to stop yet, and so she continues. In this modern take on the classic "forcing your family to look at travel pictures on a projector screen," Vic will discuss her 19 trips into Ukraine since the start of Russia's full scale invasion in 2022. Learn about what kind of volunteering work one might do in the country, what the situation is like away from the front, and about Ukrainian culture through the eyes of an idiot Brit. A kitchen in Kyiv which makes dehydrated meals for soldiers has kindly donated some dehydrated meal packs for the event, small samples of which will be available for attendees to try.

Talk

Ransomware? Then you better catch 'em! - Mairi MacLeod

A brief look into the history of Ransomware, LockBit and what happened when the NCSC called their bluff

Talk 1

A Phish too Far - Experiences in Targeted Phishing Incident Response by Tom Cope
A technical deep dive into phishing response and post click analysis.

Talk 2

Breaking and Entering - Adventures I Can’t Post About on the Internet by @Th3S3cr3tAg3nt
A look at gaining physical access to offices, data centres and servers. Using stories, photos and CCTV from real engagements.

Talk 1
Prestel, Prince Philip, and the Computer Misuse Act by CuTEL

Talk 2
Security Semiotics: why we should care how people think about security by Rebecca Markwick

Looking at how people view and think about security in order to assess security culture and design better cross team working processes. Semiotics help us to measure and identify the way our end users view security and we can use that to change those views and integrate security better within the organisation

Talk 1
Great At Crime! by R3N

A lighthearted and somewhat anecdotal look at the basics of physical security testing from a red teamer with (at the time) no cyber security experience. We'll go through some fun real life examples and reflect on the lessons learned.

Talk 2
Demonstration of some Mainframe Buffer Overflows, by Jake Labelle

A demo of some interesting Mainframe security training content from DefCon. In this demo it is shown that some of the more common buffer overflow vulnerabilities from modern day systems are still prevalent in the world of mainframe computing.

For those who attended who were interested to learn more, check out the following links:

• DEFCON 30 Mainframe Buffer Overflow

• DC619 Mainframe Lab

Talk
What is real media anymore?
Corey Forbes @yeroc_sebrof

Fuck Disinformation. We all consume digital media daily, from the 6 O'Clock news, to your friends latest instagram post or even the photo's printed in the free copy of the Metro. Doesn't matter how it gets to you in the end at some point that media was digital and that opens the opportunity for a digital touch-up for eye bags or a disastrous video of a political rival. In this talk I'd like to dive into what can be done to catch the mischievous edits and the deep-fakes alike.

Talk 1
Tech companies hate her! Tips to avoid Facial Recognition software. (Number 4 will shock you!!)
Mairi MacLeod @super_mairio

Worried about your privacy in a world where facial recognition software is everywhere? Mairi’s talk goes through the techniques that are tried and tested to help you keep your anonymity when you’re out and about. She covers the basics of FRS, where it’s used then discusses countermeasures, some practical others a bit more wacky and wild!

Talk 2
Feeding Blue Teams False Hope via Exception Handlers
Jordan Jay @0xLegacyy

Let's look at unhooking differently. Rather than removing them altogether through patching, what's stopping us from feeding a blue team false telemetry? In this talk I'll cover the concept of using exception handlers to both bypass hooks, and modify our logged telemetry. It can also be used as an alternative to patching commonly targeted functionality such as AMSI or ETW.