So, I went to Shmoocon for the first time this year, and I had a blast. Met some good people and saw a lot of great talks. A few highlights:

  • Stephen Breen of FoxGlove Security showed how to chain together a series of existing Windows vulnerabilities to build a new privilege escalation exploit based on the Windows network broadcast name service (NBNS)
  • Jay Beale of InGuardians gave a great talk on using Docker containers to limit attacks on apps
  • Mandiant’s Matt Dunwoody and Nick Carr provided a postmortem on a massive breach they’d recently had to contain and remediate. Key takeaways: as an incident responder, your operational tempo has to outpace the attacker, and if you’ve got PowerShell in your environment, upgrade to v4 to take advantage of the logging capabilities

The links above point to the Shmoocon schedule; I’ll add links to the slides as they become available.

Update: videos are available here.

Author: TheKilt

Information Security, Cosmic Horror, Gaming, Homebrewing, BBQ

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: