The isle of tortuga, but on the internet

Presented at ToorCon San Diego 2021, Oct. 13, 2021, 5 p.m. (10 minutes).

Despite several thousand companies in the security space doing everything from PR to deep packet inspection and threat intelligence, the internet is still very much lawless, international waters, largely because policymakers and elected officials just "aren't computer people" and are woefully underprepared to deal with highly technical topics. Add to this that most organizations do not actually do much real security - they only do whatever their corporate compliance legally requires, and few companies do anything more. The result of this arrangement is that ransomware gangs and other flavors of attackers can do whatever they want with impunity - and they're getting creative about it.

In this presentation we'll cover some of the threat landscape we've seen in recent years, and what businesses and governments are doing to stay on top of things. This is a high-level talk about the colorful antics that attackers are getting up to outside of the typical "phish-to-ransomware" approach that has become popular in the last few years. The bar isn't exactly going up; it's more like the bar is getting wider. Attackers are employing interesting and colorful tactics, and these sorts of behaviors typically fall outside the comfort zone of defenders: SIM cloning, DNS attacks, theft of cookies, and taking advantage of lax business logic and misconfigurations, which avoids triggering the sensors that actual exploits or classical scan-and-attack techniques would set off. Defenders will get an idea of some of the new tricks attackers are deploying, and attackers may learn some new tricks!

Presenters:

  • Dan Tentler / Viss as Dan Tentler
    Dan Tentler is the Executive Founder and CTO of Phobos Group, a boutique information security services and products company. Having been on both red and blue teams, Dan brings a wealth of both defensive and adversarial knowledge to the colorful and interesting problems the security landscape of today produces for us all. Dan has spent time at Twitter, British Telecom, Websense, Anonymizer, Intuit and Sempra Energy, to name a few, and has a strong background in systems, networking, architecture and wireless networks, which translates to strengths in lateral movement, data exfiltration, hiding from the blue team, physical security and a variety of other red team techniques. Outside of work, Dan enjoys spending time either in his kitchen or inside the goggles of his FPV aircraft.
