Red Team
Delve into 2023’s most common attack chains used against large enterprises! Gain insights into attacks, defense strategies, and actionable tasks for an instant security lift, learning how to lower your risk of compromise via these attacks without budget strain This presentation is set to unveil the TTPs employed by attackers who targeted low-hanging vulnerabilities to compromise large enterprises in 2023. It will provide a candid, in-depth exploration through a step-by-step attack chain walkthrough, shedding light on the intricacies of these attacks. Discover the hows and whys behind these tactics and gain insights into proactive defense measures. Attendees will leave armed with actionable tasks that can be implemented immediately on Monday, elevating their security posture without straining budgets. By addressing these vulnerabilities, they not only fortify their defenses but also make future penetration tests more cost-effective, eliminating potential “cheap shots” favored by pentesters. The presentation also promises to empower red team participants with the knowledge to potentially achieve domain admin status within an average corporation from the comfort of their couch, all within record time.
Johnny Xmas, a prominent figure inthe Information Security community since 2002, has been a dedicated contributorto public forums, sharing his extensive research and knowledge. Most notablyrecognized for his pivotal role in exposing the American TSA Master Key leaks(2014-2018), uncovering Venmo stalking vulnerabilities (2018), and being anoverall nuisance.
Past experience includes being:Director of Cyber Training at security research firm GRIMM, defending againstthe automated abuse of web infrastructure with Kasada, and as the LeadResearcher on Uptake’s Industrial Cybersecurity Platform. Before this, he spentmany years in the field as a penetration tester, security engineer for a globalFortune 500 retail corporation, and Mainframe auditor and Systems Engineer forseveral IT asset recovery firms.
Today, Johnny continues to shapeand elevate the Information Security landscape with his expertise andcontributions as the President of the Burbsec Information Security Network andthe Head of Offensive Security for a massive, global manufacturing and agriculturecorporation.
We proudly present SecretCon, an entirely unparalleled conference for the state of Minnesota, built for our new digital reality. This conference is dedicated to the many specialties of our hacker, cybersecurity, and privacy community. We have taken it upon ourselves to construct a conference that not only embraces our past, but also looks to the future. Join us!