What do you get when you put tens of thousands of hackers and cyber security experts together in the Las Vegas Convention Center? Apart from a gigantic electricity bill, you get DEF CON, the biggest hacking convention in the world.
OmniCyber Security sent six of our offensive security team to hone their skills and learn something new while rubbing shoulders with their contemporaries.
The DEF CON schedule is a rich tapestry of talks and workshops on the worst things you can do with a computer, and how to do them better. Learning and practising these hacking skills might seem like encouraging wrongdoing, but for many of the Def Con participants, including the team from OmniCyber Security, it’s the opposite. By developing these techniques and connecting with others in the field, they can better replicate a real attack on a network, and devise solutions to patch those holes in your cyber security.
Jack's DEF CON Diaries
Thoughts on the DEF CON experience from Jack, one of our Lead Penetration Testers
What were your highlights from the weekend?
The main highlight for me from the weekend was the social aspect of DEF CON. We’re a remote company, so the whole team is not often together and, when we are, it’s usually brief. Spending nearly a week together for the long days out there really helps to build team cohesion whilst keeping our learning and skills at the cutting edge. I genuinely got face ache from all the laughs too!
We met some really cool people in the various lines for talks (‘linecon’) and it’s always interesting to hear how people ended up there and what they do in the wider industry.
We also went to the Red Team Village party at Area 15 which was awesome. Counterintuitively, even at an event like DEF CON, Red Teamers and Penetration Testers are in the minority. Cloud and Appsec seem to (anecdotally) make up a large portion of the audience. Going to the RTV party meant we got chance to easily meet more of our peers and trade stories and knowledge over a few drinks and arcade games.
What did you learn from DEF CON that you can now apply to engagements with Omni?
There was so much on this year, and with the convention being at Las Vegas Convention Center, it was easier to get around to more talks rather than high-tailing it through various casino hotels trying to find the right room. We were absolutely spoilt for choice, but one of the talks we all agreed was interesting and massively applicable was Melvin Flangvik’s talk ‘Evading Modern Defences When Phishing with Pixels’. He had come up with a really creative way of bypassing mail filter checks and explained his line of thinking and prototyping incredibly well. We had a Red Team engagement starting the week after we got back and, with a bit of post-DEF CON magic, it was a very successful one!
Other highlights were Dirk-jan Mollema & Ceri Coburn’s talk ‘Abusing Windows Hello Without a Severed Hand‘ that looked at how secrets backed by Windows Hello biometric data can still be leveraged and abused, and a talk by Moritz Laurin Thomas called ‘CODASM – Hiding Payloads in Plain .text’ that looked in-depth at Shannon Entropy’s usage within the EDR space.
All of the above focus on various stages within an offensive engagement; Initial access, lateral movement, post-exploitation – and also not being detected!
Why is it important to attend events like DEF CON?
Conventions such as DEF CON are massively important for us to attend. Whilst there are so many incredible resources available online (including many DEF CON talks), there is a whole world of information that doesn’t get published, or only does a lot later down the line. By attending these events, we make sure that OmniCyber Security is up to date with the latest research and techniques. It also gives us a chance to interact with peers in the offensive space, but also the wider IT industry. Sharing knowledge and making connections only makes us better as a team and company. Finally, it’s hard to understate the inspirational effect of going to a conference – particularly one as large and prestigious as DEF CON. We come back massively inspired and excited about what we get to do for a living and who we get to do it with!
When cyber attacks are becoming increasingly common, and the organisations behind them are getting ever more sophisticated, it pays to work with a team that is at the cutting edge of cyber security.
OmniCyber Security stays right up to date, to keep our customers as safe as possible. Contact us to find out more about penetration testing or red teaming services for your organisation.
