Where's my dough?! - A look at webskimming attacks presented at BSidesSaltLakeCity 2020

by Siddarth Coontoor

Summary: The session is about an emerging threat called web-skimming that has been used to compromise millions of credit cards. Attendees will learn about innovative techniques hackers have used to steal credit cards from e-commerce websites and what developers should do to prevent web-skimming attacks.

Cloud-Based Contextual Analysis as Code

by Erkang Zheng

Summary: Explore the power behind software-defined contextual analysis in the cloud that allows DevOps and Security teams to be more proactive without disrupting their day-to-day operations.

Rendering Ransomware Detection and EDR Products Blind

by Rene Kolga

Summary: This talk will cover a Windows evasion technique called “RIPlace” that, when used to maliciously alter files, bypasses most existing ransomware protection technologies. I will review existing ransomware detection methods and the workflow of a typical ransomware, and provide a live demo of RIPlace bypassing a number of anti-ransomware technologies.

A Chain Is No Stronger Than Its Weakest LNK

by David French

Summary: Attackers continue to abuse Windows shortcut (LNK) files to gain initial access to their targeted networks, maintain persistence, and execute malicious scripts. This presentation will familiarize practitioners with the ways in which adversaries abuse LNK files and why detection rates for malicious LNK files are so poor, and provide them with the knowledge to hunt for and detect this behavior in their environment.

Crypto-Agility: Responding Quickly to Cyber Security Events

by David Brancato

Summary: Today, organizations rely heavily on TLS and other encryption protocols to protect data inside and outside their network boundaries. To achieve crypto-agility, organizations must not only be able to respond quickly to mass certificate replacement events but must also be able to demonstrate policy compliance of all certificates and identify any anomalies.

How to Use Code Signing to Protect Your Critical Software Infrastructure

by Eddie Glen

Summary: In this session we will examine the risks of not signing internal software infrastructure code and the common challenges that businesses face when trying to roll out code signing to large audiences. We will provide best practices for doing this in a way that is convenient for end users and satisfies the needs of the security team.

It Is The Year 200, We Are Robots

by Will Pearce

Summary: OpenAI talked about the theoretical abuse cases for large language models; we will prove their fears to be legitimate. In this talk we'll explore the use of language models to generate synthetic phishing emails, and build chat-bots to add a personal touch to malware delivery.

BOLA, IDOR, MA, BFLA. Welcome to the OWASP API Top 10!

by Adam Fisher

Summary: A foundational element of innovation in today’s app-driven world is the API. APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII), and because of this have increasingly become a target for attackers.

The Domain Password Audit Tool

by Carrie Roberts, Darin Roberts, Cameron Roberts

Summary: Poor password habits often lead to system compromise. The Roberts family has authored an open source tool called “The Domain Password Audit Tool (DPAT)” and will be presenting how it can be used to understand weak password use. The discussion will include background information on password hashing and how password cracking is accomplished by attackers.
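The title of the OWASP API Top 10 talk above names four issues: BOLA (broken object level authorization, of which IDOR is the classic instance), MA (mass assignment) and BFLA (broken function level authorization). As an added example that is not from the talk or from OWASP, the block below shows each one as a vulnerable handler beside its hardened form, against a small in-memory order store. The users, orders, field names, routes in the comments and status codes are constructed for illustration.

```python
"""Added example for the OWASP API Top 10 talk (not the talk's or OWASP's own
code): BOLA/IDOR, mass assignment and BFLA, each as a vulnerable handler beside
the hardened one, over an in-memory order store. All data here is constructed."""
from dataclasses import dataclass


class ApiError(Exception):
    def __init__(self, status: int, message: str):
        super().__init__(message)
        self.status = status


@dataclass
class User:
    id: int
    role: str          # "customer" or "admin"


@dataclass
class Order:
    id: int
    owner_id: int
    total: float
    status: str        # "paid", "shipped", "refunded"
    note: str = ""     # the only field a customer is meant to edit


ALICE, BOB, ADMIN = User(1, "customer"), User(2, "customer"), User(99, "admin")


def make_store() -> dict[int, Order]:
    """Fresh copy of the constructed order table so each request is independent."""
    return {1001: Order(1001, owner_id=1, total=49.99, status="paid"),
            1002: Order(1002, owner_id=2, total=9.50, status="shipped")}


# --- BOLA / IDOR: GET /orders/{id} -----------------------------------------
def get_order_vulnerable(caller: User, store, order_id: int) -> Order:
    # Trusts the id from the URL: any authenticated user can read any order.
    return store[order_id]


def get_order_hardened(caller: User, store, order_id: int) -> Order:
    order = store.get(order_id)
    # Ownership is checked on every object access. Missing and foreign objects
    # get the same answer so the endpoint is not an existence oracle.
    if order is None or order.owner_id != caller.id:
        raise ApiError(404, "order not found")
    return order


# --- Mass assignment: PATCH /orders/{id} ------------------------------------
WRITABLE_BY_CUSTOMER = {"note"}


def update_order_vulnerable(caller, store, order_id, body: dict) -> Order:
    order = get_order_hardened(caller, store, order_id)
    for key, value in body.items():     # every client-supplied key is bound,
        setattr(order, key, value)      # including total and status
    return order


def update_order_hardened(caller, store, order_id, body: dict) -> Order:
    order = get_order_hardened(caller, store, order_id)
    rejected = set(body) - WRITABLE_BY_CUSTOMER
    if rejected:                        # allow-list, not deny-list
        raise ApiError(400, f"read-only fields: {sorted(rejected)}")
    for key in body:
        setattr(order, key, body[key])
    return order


# --- BFLA: POST /admin/orders/{id}/refund -----------------------------------
def refund_vulnerable(caller, store, order_id) -> Order:
    # Admin function that checks authentication but never the caller's role.
    order = store[order_id]
    order.status = "refunded"
    return order


def refund_hardened(caller, store, order_id) -> Order:
    if caller.role != "admin":          # function-level authorization first
        raise ApiError(403, "admin role required")
    order = store.get(order_id)
    if order is None:
        raise ApiError(404, "order not found")
    order.status = "refunded"
    return order


def status_of(handler, *args) -> int:
    """HTTP status a handler would produce: 200 on success, else ApiError.status."""
    try:
        handler(*args)
        return 200
    except ApiError as e:
        return e.status


if __name__ == "__main__":
    print("BOLA  bob reads alice's order :", status_of(get_order_vulnerable, BOB, make_store(), 1001),
          "->", status_of(get_order_hardened, BOB, make_store(), 1001))
    print("MA    alice sets status        :", status_of(update_order_vulnerable, ALICE, make_store(), 1001, {"status": "refunded"}),
          "->", status_of(update_order_hardened, ALICE, make_store(), 1001, {"status": "refunded"}))
    print("BFLA  bob refunds an order     :", status_of(refund_vulnerable, BOB, make_store(), 1002),
          "->", status_of(refund_hardened, BOB, make_store(), 1002))
```

The hardened object check returns 404 for both a missing and a foreign order on purpose: a 403 would tell an attacker which ids exist, which is the enumeration step that turns an IDOR into a data dump.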
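The DPAT abstract promises background on password hashing and on how attackers crack passwords. The block below is an added example, not DPAT's own code, covering both halves: a wordlist attack against a dump of domain password hashes, followed by the statistics an audit reads off the result. It assumes the dump holds NT hashes (MD4 over the UTF-16LE password, with no salt), which is what makes a single guess checkable against every account at once and makes two accounts with the same hash share a password; MD4 is written out because hashlib builds on OpenSSL 3 often lack it. The accounts, passwords and wordlist are constructed sample data.

```python
"""Added example (not DPAT's code): wordlist attack on a constructed dump of
NT hashes, then the audit statistics a password audit reports from it."""
import struct
from collections import defaultdict

MASK = 0xFFFFFFFF


def md4(data: bytes) -> bytes:
    """MD4 per RFC 1320, written out because hashlib often lacks it."""
    def F(x, y, z): return (x & y) | (~x & z)
    def G(x, y, z): return (x & y) | (x & z) | (y & z)
    def H(x, y, z): return x ^ y ^ z
    def rotl(x, n): return ((x << n) | (x >> (32 - n))) & MASK

    msg = bytearray(data) + b"\x80"               # pad: 1 bit, zeros, 64-bit length
    msg += b"\x00" * ((56 - len(msg)) % 64)
    msg += struct.pack("<Q", len(data) * 8)
    A, B, C, D = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    rounds = (  # (mixing function, message-word order, shifts, additive constant)
        (F, range(16), (3, 7, 11, 19), 0),
        (G, (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15), (3, 5, 9, 13), 0x5A827999),
        (H, (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15), (3, 9, 11, 15), 0x6ED9EBA1),
    )
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = A, B, C, D
        for func, order, shifts, k in rounds:
            for i, j in enumerate(order):
                a = rotl((a + func(b, c, d) + X[j] + k) & MASK, shifts[i % 4])
                a, b, c, d = d, a, b, c
        A, B, C, D = (A + a) & MASK, (B + b) & MASK, (C + c) & MASK, (D + d) & MASK
    return struct.pack("<4I", A, B, C, D)


def nt_hash(password: str) -> str:
    """Windows NT hash: MD4 of the UTF-16LE password, no salt, no iteration."""
    return md4(password.encode("utf-16-le")).hex()


# Constructed fixture. A real audit starts from extracted "user:hash" pairs only;
# the plaintexts appear here solely to build the sample dump.
_SAMPLE_PASSWORDS = {
    "alice": "password", "bob": "password", "carol": "Summer2020!",
    "dave": "Welcome1", "erin": "correct horse battery staple", "svc_backup": "",
}
WORDLIST = ["123456", "password", "Welcome1", "Password1", "qwerty", "letmein"]


def sample_dump() -> dict[str, str]:
    return {user: nt_hash(pw) for user, pw in _SAMPLE_PASSWORDS.items()}


def crack(dump: dict[str, str], wordlist) -> dict[str, str]:
    """Wordlist attack. With no salt each guess is hashed once and looked up
    against every account: cost is O(guesses + accounts), not their product."""
    guesses = {nt_hash(word): word for word in wordlist}
    return {user: guesses[h] for user, h in dump.items() if h in guesses}


def audit(dump: dict[str, str], cracked: dict[str, str]) -> dict:
    """What weak-password use looks like in the numbers."""
    by_hash = defaultdict(list)
    for user, h in dump.items():
        by_hash[h].append(user)
    return {
        "accounts": len(dump),
        "cracked": len(cracked),
        "cracked_pct": round(100 * len(cracked) / len(dump), 1),
        # Identical hashes mean identical passwords, cracked or not.
        "shared_passwords": [users for users in by_hash.values() if len(users) > 1],
        "blank_password": [u for u, h in dump.items() if h == nt_hash("")],
        "cracked_under_12_chars": sorted(u for u, pw in cracked.items() if len(pw) < 12),
    }


if __name__ == "__main__":
    dump = sample_dump()
    found = crack(dump, WORDLIST)
    for key, value in audit(dump, found).items():
        print(f"{key:>24}: {value}")
```

Two points the numbers make without any cracking at all: a blank password has a fixed, well-known hash, and any two accounts with the same hash share a password, so reuse between a user and a service account is visible before the first wordlist runs.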