Conference Talks – November 2020

This month, members of NCC Group will be presenting their work at the following conferences:

  • Sourya Biswas, “Cybersecurity is War: Lessons from Historical Conflicts,” to be presented at BSidesCT (Virtual – November 14 2020)
  • Ian Coldwater (Independent), Duffie Cooley, Brad Geesaman (Darkbit), and Rory McCune (NCC Group), “Keynote: SIG-Honk AMA Panel: Hacking and Hardening in the Cloud Native Garden,” to be presented at KubeCon + CloudNativeCon North America 2020 (Virtual – November 17-20 2020)
  • Juan Garrido, “Bypassing Security Controls in Office 365,” to be presented at CCN-CERT Conference (Virtual – November 30-December 4 2020)

Cybersecurity is War: Lessons from Historical Conflicts
Sourya Biswas

BSidesCT – Virtual
November 14 2020

It’s during moments of adversity that humankind exhibits innovation of the highest order. Nowhere is this truer than during armed conflicts that pit humans against their most dangerous adversaries, other humans. And while the cybersecurity landscape is not a battleground with fallen bodies, there’s truly a war ongoing with hostile threat actors using a variety of evolving attack vectors to compromise information assets. This session looks back at historical conflicts and tries to draw lessons that translate to today’s cybersecurity landscape.

Keynote: SIG-Honk AMA Panel: Hacking and Hardening in the Cloud Native Garden
Ian Coldwater (Independent), Duffie Cooley, Brad Geesaman (Darkbit),
and Rory McCune (NCC Group)
KubeCon + CloudNativeCon North America 2020 – Virtual
November 17-20 2020

Have you ever wondered how hackers think? What do attackers look for when they approach a cluster, and what security hardening steps can stop them in their tracks? Join Ian Coldwater, Brad Geesaman, Rory McCune, and Duffie Cooley for an AMA panel session. This group of friends and longtime Kubernetes security SMEs bring their unique perspectives and experience with securing, attacking, and deploying cloud native infrastructure to form ”sig-HONK,” an unofficial Special Interest Group focused on changing the way we think about and practice security in distributed systems.   How does this group of people come up with ideas as to what to hack next, and how do they go about doing it? What’s all this honking about, anyway?  Come learn the answers to these questions and anything else you have in mind. Ask Us Anything!

AMA Submissions: https://discuss.kubernetes.io/t/call-for-questions-sig-honk-ama-kubecon-na-keynote-panel/13159

Bypassing Security Controls in Office 365
Juan Garrido
CCN-CERT Conference – Virtual
November 30 2020-December 4 2020

On November 30th, Juan Garrido, Managing Security Consultant at NCC Group, will be presenting at CCN-CERT on Bypassing Security Controls in Office 365.

In this talk, Juan will describe and demonstrate multiple techniques for bypassing existing Office 365 application security controls, showing how data can be exfiltrated from highly secure Office 365 tenants which employ strict security policies in order to restrict access to a range of predefined IP addresses or subnets, or configured with Conditional Access Policies, which are used to control access to cloud applications.

Juan is passionate about security, with over ten years in the industry, he’s not only worked on numerous security projects and judicial investigations, but also written several technical books and security tools including VOYEUR and AZUCAR. Juan has been recognized by Microsoft as MVP (Microsoft Most Valuable Professional) for over five years running and has spoken at many renowned conferences including RootedCon, DEFCON, GsickMinds, BlackHat, BSides and Troopers.