Cash is King: Who’s Wearing Your Crown?

Presented at DerbyCon 3.0 All in the Family (2013), Sept. 27, 2013, 2 p.m. (50 minutes)

Show me the money. If hackers were able to manipulate the world’s accounting systems, governments and corporations would be in a frenzy. Guess what? Hackers can…and will. In this presentation we describe manipulating the major financial accounting systems used by corporations large and small to show the importance of good Information Security and Accounting controls. In this talk we identify ways to manipulate accounting systems for financial gain demonstrating mass accounting systems fraud. Through our research we will demonstrate multiple ways to manipulate accounting data and misappropriate funds. We will also show information security and accounting controls needed to detect these types of advanced attacks. Tom and Spencer will be releasing and demonstrating new PoC malware and a Metasploit meterpreter extension that targets Microsoft Dynamics GP, one of the most popular accounting systems in the world.


  • Spencer McIntyre / ZeroSteiner as Spencer McIntyre
    As a member of the Profiling Team, Spencer McIntyre works to discover vulnerabilities within organizations’ systems and understand underlying risks. During his time with SecureState, he has worked with a variety of clients across multiple industries, giving him experience in how each secures their data and the threats that they encounter. Spencer has developed and maintains popular tools such as the Termineter Smart Meter Attack Framework and EAPeak. He also uses his background in software development to help him to understand and exploit the underlying logic in the software he encounters. He is active in the open source community, making multiple contributions to a variety of projects such as the Metasploit Framework and Scapy. Spencer has released many exploit modules for the Metasploit Framework most recently an exploit for the Firebird Relational Database.
  • Tom Eston
    Tom Eston is the Manager of the Profiling and Penetration Team at SecureState. Tom leads a team of highly skilled penetration testers that provide attack and penetration testing services for SecureState’s clients. Tom focuses much of his research on new technologies such as social media and mobile applications. Tom is the project lead for the OWASP Mobile Threat Model and contributes to other OWASP projects. He is the founder of which is an open community dedicated to exposing the insecurities of social media. Tom is a SANS Mentor, SANS Community instructor, co-host of the Social Media Security podcast and is a frequent speaker at security user groups and worldwide conferences including Black Hat, DEF CON, DerbyCon, ShmooCon, Notacon, SANS, InfoSec World and OWASP AppSec.

Similar Presentations: