44CON 2019 Sept. 11, 2019 to Sept. 11, 2019, London, UK

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Owning The Cloud Through SSRF Cody Brocious With how many apps are running in the cloud, hacking these instances becomes easier with ...
Mundane office equipment: The front door to persistence on enterprise networks Daniel Rivas The security of common enterprise infrastructure devices such as desktops and laptops has advanced over ...
Continuous Integration / Continuous Bounties: Attacking development pipelines for actual profit Alex Chapman CI/CD pipelines are the perfect, bug-rich target for new and experienced bug hunters. As complex, ...
Making something out of something Chris Wade This talk relates to software and hardware modification of existing consumer electronics in order to ...
Outsourcing global cyber norms? Katharina Sommer Traditional mechanisms of international rule-making have failed to drive forward globally accepted norms of responsible ...
Hunting for bugs, catching dragons Nicolas Joly While browser and plugin exploits are frequent, it’s less common to see exploits affecting targets ...
The CISO's Dilemma Saumil Udayan Shah Defending an enterprise is a balancing act. I have worked as an offensive testing vendor ...
BYOI (Bring Your Own Interpreter) payloads: Fusing the powah of .NET with a scripting language of your choosing Marcello Salvati Offensive PowerShell tradecraft is in “Zombie Mode”: it’s sorta dead, but not entirely. With all ...
Here be dragons… the AWS S3 logging minefields Kieren Nicolas Lovell Cloud based services have become the norm. Your services are in the cloud, your data ...
Security Research Teams - How to manage, grow and retain them Guy Barnhart-magen Security research teams are one of the important partners in any security organization and are ...
Dial V for Vulnerable: Attacking VoIP Phones Phillip Huber More and more everyday objects become “smart” and get connected to the internet. VoIP phones ...
From fuzzing to free reign - Finding zero days with Tenable Research Leslie Forbes Over the last 18 months Tenable Research have been hitting the headlines with major vulnerabilities ...
One Person Army - Playbook on how to be the first Security Engineer at a company Kashish Mittal How often have you heard that ‘Early stage startups don’t care much about Security because ...
Neil Kettle - IBM/Trusteer Rapport: Does IBM (I)ntentionally (B)ackdoor (M)achines? Neil "mu-b" Kettle Despite my best efforts in 2011, IBM/Trusteeer Rapport is still doing the rounds in the ...
A Multi-Cloud Security Auditing Tool Scout Suite Scout Suite (https://github.com/nccgroup/ScoutSuite) is an open source multi-cloud security-auditing tool, which enables security posture assessment ...
“I’m unique, just like you: Human side-channels and their implications for security and privacy” Matt Wixey Almost everything about us – our handwriting, DNA, faces, voices, fingerprints, even our eyes – ...
4G to 5G - Cellular Security Myths and the Reality (not filmed) Matt Summers To date cellular technology has been about delivering a small number of services to end ...
How to have a broader impact as an ethical hacker Johanna Ydergård N/A
Cold War Cryptography Klaus Schmeh The use of cryptography during the Cold War is a fascinating, yet still little researched ...
Rebalance Every 10,000 Kilometers J. Wolfgang Goerlich Careers are long. Jobs are short. One day, things are going well and in balance. ...
Spyware, Ransomware and Worms. How to prevent the next SAP tragedy Jordan Santarsieri Is not a secret that SAP is a market leader and one of the principal ...
The billion dollar IoT attack no one knows about Tony Stykas What would you do if you knew you could exploit 20 million plus IoT devices? ...
Throw Open The Gates: Trading Control for Visibility Kyle Lapucci As many enterprises shift to a cloud first business model, asset visibility can become increasingly ...
EternalGlue - Rewriting NotPetya for corporate use Aaron Adams , Cedric Fisher NCC Group had a large corporate client that was interested in how their production network ...