How Attackers Are Compromising Your Networks and What You Can Do About It

September 27, 2024 (GMT +8)
08:30
Ballroom 1 & 2
     

The main objective of this presentation is to inform attendees of impactful network attacks (mostly Active Directory) that lead to company-wide compromise.

These misconfigurations and vulnerabilities are not complex to abuse however they are very impactful once exploited. Unfortunately, there are a lot of organizations that have not realized this. Moreover, a lot of organizations do not really understand how these things work.

Some of the main points of the presentation may include:
- How do threat actors get in (traditional exploitation vs phishing)?
- Modern breaches that were compromised by “simple and old” attacks relevant to Windows authentication (NetNTLMv2 relays, OS credential dumping, Pass-the-Hash, etc.)
- Kerberos, Kerberoasting, Ticket Attacks, Active Directory Certificate Services
- On-prem AD to cloud (Entra ID) escalation<

Each of the attacks will have recommendations so that attendees can walk away with something that is actually actionable and something they can look at/implement at their organization.

Speaker

CJ Villapando CJ is a security consultant guiding organizations in identifying security weaknesses in their infrastructure. He serves as an Offensive Security Manager at Red Rock IT Security Inc., helping build the organization's research and training programs and leading various security assessments. His six years of progressive industry experience working with public and private entities have given him a well-rounded understanding of how organizations deal with security.

When not working on consulting projects, he is teaching upcoming and seasoned information security professionals. He currently teaches graduate courses for the Master of Information Security Program at De La Salle University Manila and, more recently, the SEC560: Enterprise Penetration Testing course of the SANS Institute.

He holds multiple industry certifications, including GX-PT, GPEN, GX-IH, GCIH, GX-CS, GSEC, GDAT, GMOB, GSTRT, CISSP, OSEP, and OSCP. He has a Master's degree in Information Security from De La Salle University and is taking the Master of Science in Information Security Engineering at the SANS Technology Institute.

« Back