I'm in your office - bypassing access control without social engineering

Presented at Disobey 2020, Feb. 15, 2020, 5:45 p.m. (60 minutes)

The Finnish buildings are not as safe as you might think or want them to be. Social engineering is the standard red teaming maneuver, but there are many tricks you can use to get past the locked door without talking to anyone. I will present case examples of weaknesses and attacks I have personally encountered over the years and also offer some background why these weaknesses exist. Your office can even pass security audits with flying colors because these questions are not asked :)

Presenters:

• Antti Virtanen - CISO at Solita Oy
  A white hat hacker @ Team ROT at night, CISO of Solita Oy during the office hours. Bypassing locks and access control every now and then just because it's fascinating.

Links:

• https://disobey.fi/2020/profile/i_m_in_your_office
• https://www.youtube.com/watch?v=jW5XebI1PMg

Similar Presentations:

• GrrCON 2018 / Dragnet: Your Social Engineering Sidekick
• REcon 2006 / Social Engineering for Penetration Testers
• DeepSec 2013 „Secrets, Failures, and Visions“ / Social Engineering Awareness Training - One Day Training Course