Inside DEF CON 25

What is DEF CON?

DEF CON is an annual global hacking conference which brings together the brightest minds in information and it covers a variety of topics such as SMB replay attacks, web packet manipulation, and deauthentication attacks on wireless access points. This conference, now in its 25th year in existence, is an opportunity for the most talented professionals in the hacking world to gather and discuss emerging technologies, recent hacks, and cyber threats, and participate in activities that test the skills of the hackers at the event.

As part of our commitment to quality delivery of services, A-LIGN sent its entire penetration testing team to DEF CON 25 to gather insight on current security trends, enhance their hacking skills, and continue to learn from industry experts. Our penetration testers highlighted four key takeaways from the conference.

1.      How Safe is the Cloud?

A major point of contention amongst security experts: How safe is the cloud? Experts weighed in on the potential risks of moving to or utilizing a cloud-based environment.

In a discussion regarding the cloud and its safety, penetration testers attended a session where a client’s system was hacked through their cloud application host. Through their testing methods, penetration testers could steal federation certificates to spoof access tokens, which allowed penetration testers to steal the identities that would eventually allow them access to the client’s Active Directory.

Once access was gained, penetration testers gained privileges to cloud assets, which is equivalent to domain level access. Next, they gained rights to the cloud deployment. The penetration testers reverse engineered back to the on-site network through the two-way street level of access – a clear compromise.

While this exposes cloud subscriptions’ vulnerabilities, the benefits often prove to be worthwhile when deployment is appropriately managed. One of the major vulnerabilities that allow access was a lack of multi-factor authentication, and that penetration testers could gather access keys in public repositories.

As cloud technologies continue to emerge, it is important for organizations to continue to stay up-to-date on the ways in which hackers can compromise their systems. Additionally, as cloud environments grow in use, security standards will be able to better support its unique needs.

2.      Evolving Social Engineering

Within the social engineering village, researchers and experts discussed their experiences using social engineering to break into systems. They also hosted exercises to practice social engineering skills such as breaking into an office using a lock pick, or calling companies to gather information for a game of “capture the flag.”

One of the new technologies discussed around social engineering was URL-based social engineering. As this becomes more prevalent and scripts are created to allow the browser to do more defending, it’s imperative for A-LIGN to evolve its social engineering campaigns so that they will not be blocked by browser defenses. Understanding these security techniques can help us better prepare our clients for traditional social engineering attacks.

“As a social engineering tester, it is always engaging to learn about new and emerging techniques that can improve my skills and challenge our clients to improve their educational programs, as well as their policies and procedures to enhance their security,” said Senior Consultant and Penetration Tester, Marc Rubbinaccio.

3.      Understanding 802.11ac

The 802.11ac wireless protocol is one of the more advanced protocols, becoming more commonly used. It introduces several new technologies, such as extended channel binding (up to 160 MHz), multiple-input/multiple-output (MIMO) spatial streams (up to 8 spatial streams), multi-user MIMO, and beamforming.

Understanding how to appropriately attack and defend 802.11ac networks is especially critical, as most penetration testing tools do not support 802.11ac.

4.      MEATPISTOL and Malware

As always, malware continues to remain a trending topic, but the MEATPISTOL talk took it to a new level. After the Salesforce Red Team presented on the subject, they were fired as soon as they walked off the stage.

The Salesforce Red Team successfully managed to automate and expedite the malware creation process, moving the process of malware creation from days into seconds of work.

Until Next Year

As information security continues to evolve, A-LIGN is committed to staying ahead of the curve. Our team strives to improve the security of our client’s organization and prepare them against cyber threats and vulnerabilities.

Is your organization ready to receive a penetration test? Contact our experienced penetration testers at A-LIGN at [email protected] or 888-702-5446 for more information.