London 2012

London, United Kingdom | Mon, Nov 26, 2012 - Mon, Dec 3, 2012
This event is over,
but there are more training opportunities.

Why Our Defenses Are Failing Us. One Click Is All It Takes...

  • Bryce Galbraith
  • Thursday, November 29th, 7:30pm - 8:15pm

Organizations are spending unprecedented amounts of money in an attempt to defend their assets...yet all too often, one click is all it takes for it all to come toppling down around them. Every day we read in the news about national secrets, intellectual property, financial records & personal details being exfiltrated from the largest organizations on Earth. How is this being done? How are they bypassing our defenses (e.g. strong passwords, non-privileged accounts, anti-virus, firewalls/proxies, IDS/IPS, logging, etc.) And most importantly, what can we do about it? A keen understanding of the true risks we face in today's threatscape is paramount to our success...

This presentation will walk through an example spear-phishing campaign to demonstrate:

  • How attackers perform recon on key individuals in target organizations (e.g. admins, executives, engineers, help desk personnel, etc.).
  • How attackers craft and deliver payloads that bypass most detection mechanisms.
  • How attackers elevate privileges to super-user levels - even on fully patched systems.
  • How attackers bypass strong passwords, smart cards, multi-factor, bio-metrics and virtually all forms of strong authentication.
  • How attackers move throughout the environment in search of their "prize" with minimal footprint or artifacts.
  • How attackers exfiltrate secrets out of the organization undetected.

Many organizations are busy being busy, managing all kinds of projects and initiatives, they have all the right products and they have more logs than they know what to do with. Yet, the uncomfortable question persists, "is it working?" If one click by a user is all it takes, we need to re-evaluate...


Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
Monday, November 26
Session Speaker Time Type
Why Do Organizations Get Compromised? Eric Cole Ph.D. Monday, November 26th, 7:15pm - 9:15pm SANS@Night
Wednesday, November 28
Session Speaker Time Type
Security of National eID (smartcard-based) Web Applications Raul Siles Wednesday, November 28th, 6:30pm - 7:30pm SANS@Night
Dissecting Smart Meters Justin Searle Wednesday, November 28th, 7:30pm - 8:30pm SANS@Night
Thursday, November 29
Session Speaker Time Type
10 Things Security Teams Need to Know about Cloud Security‚® Dave Shackleford Thursday, November 29th, 6:00pm - 6:45pm SANS@Night
Practical, Efficient Unix Auditing (With Scripts) James Tarala Thursday, November 29th, 6:45pm - 7:30pm SANS@Night
Why Our Defenses Are Failing Us. One Click Is All It Takes... Bryce Galbraith Thursday, November 29th, 7:30pm - 8:15pm SANS@Night