RiPHash: Analyzing execution traces on a budget
KAI
This talk presents a strategy for analyzing dynamic execution of binaries based on sample traces
From Exploit Brokers to Extortion
GENEVIEVE STARK
Underground communities have provided marketplaces for selling malware, illicit accesses, and stolen data for well over twenty years. But in the past decade, it has become increasingly common for financially motivated actors to specialize in specific stages of the attack lifecycle. Ransomware-as-a-Service (RaaS) offerings are a notorious example of this shift, but cyber crime actors can purchase a wide range of services and tools, including private or semi-private malware capabilities, malware distribution services, domain registration services, traffic distribution services, code signing certificates, and exploits. In this presentation, we’ll review how the cyber crime ecosystem has flourished under this approach. We’ll then discuss the types of exploits available for purchase. Finally, we’ll examine several case studies that illustrate how specific threat actors have benefited from the professionalization and commoditization of the attack lifecycle.
Modern ColdFusion Exploitation and Attack Surface Reduction
BRIAN REILLY
Yes, an Adobe ColdFusion talk in 2024. It’s been a busy 18 months for ColdFusion security — from new 0-day vulnerabilities discovered to the wild to ancient vulnerabilities being part of ransomware playbooks. Even if you haven’t embraced modern CFML, ColdFusion remains a common legacy application platform found in organizations of all sizes and verticals. In this talk we’ll look at a series of ColdFusion vulnerabilities, map out the attack surface of modern ColdFusion environments, and consider some approaches for attack surface reduction. So whether you consider ColdFusion to be a modern JVM scripting language, legacy application tech debt, or an easy pentest win, this talk is for you. And if you’re too cool for ColdFusion, just squint and pretend it’s a Java talk.
Da Bomb: Beyond Insanity
STEVE MYRICK
As offensive security professionals, our most limiting factor is often our time. If we find an exploit on one host, how can we accurately communicate the impact for our entire network? If the vulnerability is fixed, how do we monitor for regressions? Manual exploit verification on hundreds or thousands of hosts is unrealistic – we need to be able to do more with less. Atomic red team is an open-source library of simple, focused tests that map to the MITRE ATT&CK framework. Combined with an automation platform, we can exponentially multiply the effectiveness of our red team talent and allow them to focus on novel attacks rather than low-hanging fruit. This talk will demonstrate how, with a few free tools, we can automate red teaming techniques to amplify our output without expanding our team or increasing our time spent
Frequently Attacked Questions
TBD
INVISIGOTH
TBD
Identity Threat Hunting Insights: Unveiling Real-World Cases
SHARON NACHSHONY
In today’s cyber threat landscape, identity has emerged as a critical yet often overlooked aspect of cybersecurity. Join me as I delve into the world of identity-based threat hunting, highlighting its importance and complexity. As cybersecurity professional, I’ll share insights from my experiences and real-world cases, providing a comprehensive overview of how identity can enhance threat detection and incident response. This presentation will explore the initial goals of harnessing big data and ensuring identity isn’t sidelined in threat hunting. We will discuss the distinct types of identity and contrast identity-based threat hunting with traditional methods that rely on Endpoint Detection and Response (EDR) or network data. While Indicators of Compromise (IoCs) in EDR and network contexts are typically clear, identity-based IoCs often remain elusive, requiring a more nuanced approach. Using a hypothetical company, “Nexus” as a case study, I’ll illustrate how understanding normal identity behavior can help identify and mitigate abnormal activities promptly. Real-world scenarios will show how early detection of credential scanning and malicious actors through identity threat hunting can transition into effective incident response before significant damage occurs. We’ll examine how compromised accounts can be identified and contained, showcasing the importance of lateral movement detection and comprehensive attack visibility from an identity perspective. The session will also cover how identity-based insights can significantly expedite incident response during breaches, using the Nexus case study to highlight these benefits. Attendees will learn about common security gaps, such as the misuse of administrator accounts and the risks of elevated privileges. We’ll discuss practical strategies to eliminate these vulnerabilities, aiming to leave no loopholes for attackers. Prepare for an engaging and technical session that underscores the vital role of identity in threat hunting and incident response. No prior specific materials are required, but a basic understanding of cybersecurity concepts will be beneficial.
Developer Mode Enabled: Pushing AI Red Teaming Boundaries
DAVID CAMPBELL
In this talk, we will explore the evolution of Red Teaming into AI Red Teaming, emphasizing its crucial role in advancing the security of Large Language Models (LLMs) and beyond. Drawing from my firsthand experiences developing and deploying the largest generative red teaming platform, I will share insightful anecdotes and real-world examples. We will delve into the multifaceted nature of adversarial red teaming, examining how it fortifies AI applications at every layer. This comprehensive approach includes securing the external application interfaces, reinforcing LLM guardrails, and enhancing the robustness of the LLMs’ internal algorithms. By understanding these layers, we can better protect platforms, businesses, and consumers from potential threats. The talk will also highlight the strategic importance of red teaming in identifying vulnerabilities and stress-testing AI systems to withstand real-world adversarial attacks. We will discuss specific case studies that showcase the effectiveness of these strategies in improving the resilience of AI systems. These examples will illustrate the practical applications and significant impact of red teaming on the overall security landscape. Moreover, we will explore the future of AI Red Teaming, considering emerging challenges and the evolving threat landscape. This includes a discussion on how to stay ahead of adversaries by continuously updating and adapting red teaming methodologies. Join me to uncover the essential role of adversarial strategies in fortifying the AI landscape. This talk aims to provide a deep understanding of AI Red Teaming, its practical implementations, and its pivotal importance in ensuring the security and integrity of AI technologies.
We Kill People Based on Metadata
J. GDANSKI
Apple presents itself as a privacy first company and the choice for dissidents, journalists, politicians, and others in need of protection from surveillance, however a number of their products and decisions actively prevent real privacy and put their users at risk digitally and physically. In this talk we explore some of these short comings and make suggestions on how to address them.
Starfox: A Case Study in Exploiting Impractical Bugs
MICHAEL COPPOLA
Not knowing when to give up can sometimes be your greatest asset. In this talk I’ll dive into my first ever project at Trenchant, a capability named Starfox, and how the worst bug ever was turned into a crazy Rube Goldberg machine with reliable iOS persistence as a side-effect.
Chinese Discourse Power
TBD
JAGS
TBD
Summercon 2024 Presents: RESIDUAL GROOVE
Get ready to move with Residual Groove, the electrifying five-piece funk/fusion band hailing from Norwalk, CT, that will be closing out Day 1 of Summercon with a bang! This dynamic ensemble features the incredible talents of brothers Previn Edwards on guitar and vocals, and Kiran Edwards on keys and vocals, alongside the rhythmic prowess of Miles Livolsi on bass, Henry Thomas on drums, and Garrett Halstead on percussion.
Residual Groove blends a healthy mix of their groovy original tunes with surprising and eclectic covers, ensuring a setlist that keeps you on your toes. Known for their seamless transitions and spontaneously improvised segments, their performances are a journey through a diverse soundscape that bridges their varied influences and unique creations. You’ll be entranced by their musical synergy and infectious energy as they create an unforgettable live experience. Don’t miss this chance to feel the funk when Residual Groove brings it to the stage!
Movie Screening: Hackers (1995)
Director: Iain Softley
Starring: Jonny Lee Miller, Angelina Jolie, Jesse Bradford, Matthew Lillard, Laurence Mason, Renoly Santiago, Fisher Stevens, and Lorraine Bracco
Join us for a special, free to the public screening of the 1995 cult classic Hackers! Directed by Iain Softley, this iconic film features an ensemble cast including Jonny Lee Miller, Angelina Jolie, Jesse Bradford, and Matthew Lillard. Hackers plunges us into the exhilarating world of cyber warfare and underground hacker culture, following a group of teenage hackers who uncover a high-stakes conspiracy.
Set against the backdrop of 90s New York City, Hackers captures the zeitgeist of an era where the burgeoning digital revolution promised both boundless opportunities and unprecedented dangers. The film’s portrayal of hacking as both a rebellious act and a form of digital artistry resonated deeply with the emerging tech-savvy generation.
The movie’s authenticity is bolstered by the contributions of real-life New York hacking scene advisors, whose insights ensured that the film’s depiction of hacking techniques and subcultures remained grounded in reality, offering a glimpse into the minds of those who navigated the early digital frontier. They tried, anyway.
Hackers has left an indelible mark on popular culture, influencing everything from fashion to music, and inspiring countless individuals to explore the realms of coding and cybersecurity. Its legacy endures as a nostalgic touchstone for those who witnessed the dawn of the internet age.
After the screening, we invite you to participate in our costume contest! Dress as your favorite Hackers character for a chance to win exciting prizes. Show off your best Dade “Zero Cool” Murphy, Kate “Acid Burn” Libby, or Chris “Cereal Killer” Valasek, and celebrate the enduring legacy of this groundbreaking film.
PRIZES / DJ / PARTY AFTERPARTY
After we dive into the rollerblading documentary film Hackers, the night is just getting started! Stick around for the Party Afterparty where you can show off your best costumes inspired by the movie and stand a chance to win fantastic prizes. And that’s not all – we’ve got DJ Gidjet ready to spin some electrifying tracks, keeping the energy high until 1am. Don’t miss out on this unforgettable night of fun, music, and camaraderie. Don’t worry — when Littlefield eventually bounces us, the party will move on to Summercon stronghold Canal Bar!