Derek's chilling in his room waiting to see what last minute CFP's come in. Last Chance People! Get those talks in!! CFP closes at August 17, 2024 23:59 UTC / August 18, 2024 00:59 BST (Local) papercall.io/boncl24

The comings and goings and general conversations by the staff at my local pizza delivery place is better than most soap opera TV. All it needs is one of them to be royalty in disguise. Seemingly all other comedy workplace stereotypes are already in place. 🤣🤣🤣

The #BSidesLDN2024 Call for Papers, Rookies and Workshops are open until midnight 13th Oct. If you have an idea, get working on it and get your proposals in! Further detail available here: pretalx.com/orga/event/bsi…… #Security #BSides #London

🚨Today, the NCSC and partners have issued a joint advisory unveiling Russian military intelligence hackers for a campaign of malicious cyber activity targeting government bodies and critical infrastructure around the world ncsc.gov.uk/news/uk-allies…

This was real. 🤣🤣

#BSidesLDN2024 is organised & run completely by volunteers. We need volunteers to help with some pre-event activities, we also need help on the day of the event where there is lots to do. If you are interested in helping, please read & complete our form: bit.ly/BSidesLDN2024C…

It’s going to be one of those days I fear.

Discover how our CCob🏴󠁧󠁢󠁷󠁬󠁳󠁿 edited Group Policy Objects (GPOs) without being tied to a domain-joined system.🔍 This technical blog explores the challenges of manipulating GPOs from non-domain environments using native Windows tools—minimising IOCs and maximising stealth in

So Censys just deployed the "suspicious-open-dir" label to their search engine. So far it appears a game changer, giving very solid hit rates on finding malicious infrastructure. So for today, this will be a thread documenting my findings using the new feature. 1/x

Earlier this week, Ken Munro shared insights from our independent research into aviation cybersecurity with his talk “Hacking Planes, What Can We Learn on the Ground From Vulnerabilities in the Air?” at the International Security Expo.✈️This included eye-opening

What's really going on with IoT security? 🤔 Explore real-world examples at the PCI Community Meeting 2024 in Barcelona (PCI SSC ). You won't want to miss Ken Munro talk, 'Has IoT Security Improved? Or Is It Still Down The (Smart) Toilet?' 🚽 Ken's bringing a fun and

The Lego set for that special someone.

What systems are protecting your building? Warren Houghton (00Waz) will dive into physical security... What can go wrong and how to get it right in his talk "Let's Get Physical… Security" 🛡️. You'll witness a live demo of card cloning, showing how compromise access works.

Catch Paul Brownridge at SecurityWeek's ICS Cyber Security Conference in Atlanta, United States, discussing why OT security failures persist despite tech advancements. 🤔 He will cover how critical infrastructure and maritime still face security challenges, compounded by the

Join our Cybergibbons 🚲🚲🚲 in Detroit on October 21st at AM EST for his session, "Network Ferrets" 🛡️ Is your OT network truly secure? Many OT environments contain undiscovered devices and undocumented connections that could put critical infrastructure at risk. He'll reveal the

Memory mounting with MemProcFS? This changes everything... Our Luke Davis dives into MemProcFS in our latest blog, exploring how this tool has transformed memory forensics. MemProcFS allows memory dumps to be mounted and browsed like file systems, making complex memory

Mine and Dirk-jan's DEF CON talk, Abusing Windows Hello Without a Severed Hand went live yesterday. We discuss both privileged and unprivileged Windows Hello abuse. Hope you all enjoy it. youtu.be/mFJ-NUnFBac?fe…

Last week, Warren Houghton and Ken Munro demonstrated security flaws in connected buildings, covering BMS, occupancy sensors, HVAC, a/v, and physical access control systems such as RFID-enabled entry passes. It's perfectly possible to configure most RFID access control

Our Ken Munro recently presented at BCS, The Chartered Institute for IT, The Chartered Institute of IT, with an evening on hacking various transport systems, including planes, trains, automobiles, and ships…   He highlighted the advantages of connectivity in our transportation networks, such as the

Christopher Hadnagy engaged in a pattern of harassment and retaliation against me after I left his company, Social-Engineer, LLC. Here are the key actions he took against me, including things not currently written into Def Con’s documentation/exhibits. Note: I simply quit my job.