Hacknowledge @ DEF CON 32 in Las Vegas

 

In the heart of Las Vegas, where the desert heat meets the neon glow, DEFCON32 brought together some of the sharpest minds in cybersecurity. This year, for the first time, the event took place at the Las Vegas Convention Center (LVCC), drawing in over 30,000 hackers and security pros. Known for digging into the latest in hacking, info security, and cyber defense, DEFCON turns Vegas into a hotbed of learning and discovery. As folks who live and breathe this stuff, we’re stoked to dive into the talks and demos that are pushing the envelope of what’s possible in the digital world. 

Navigating the Broad Landscape of Cybersecurity in Nevada 

DEFCON32 offers something for everyone in cybersecurity, from hands-on workshops and CTF competitions to talks on new threats, privacy, AI, biosecurity, and hacking ethics. Attendees can explore hardware hacking, car hacking, lockpicking, cryptography, and social engineering. It’s not just about learning; it’s also about building a community, with plenty of chances to network, collaborate, and share knowledge in an open and welcoming environment.

Sharpening Cloud Security Skills

This year, Swiss Post Cyber Security had the opportunity to send two of our SOC engineers to DEFCON32, both of whom have a strong focus on cloud environments. Given their expertise, they were naturally drawn to sessions and discussions related to cloud security, eager to deepen their understanding and discover new ways to enhance our monitoring services.

The Cloud Village at DEFCON quickly became their primary area of interest, offering in-depth insights into advanced threat detection, incident response, and identity management in cloud settings. These topics are directly aligned with their day-to-day work, monitoring and protecting our clients’ cloud infrastructures.

Inspired by the sessions and tools they encountered, our engineers are now keen to further study the application of what they’ve learned. They plan to explore how these new strategies and technologies can be integrated into our SOC services, with the goal of enhancing our ability to detect and respond to threats in the cloud. This continued focus on cloud security will help us ensure that our clients’ environments remain secure and resilient.

Lots of cloud related talks but not only

While we focused on many cloud-related talks, we also took an interest in sessions that demonstrated exploits across different technologies, particularly on Windows. We observed some significant attacks on the new Sudo for Windows solution and some sophisticated downgrade exploits through Windows Updates. These talks could be quite useful in our day-to-day operations, offering us new ideas for detection rules and helping us determine which priorities to focus on in the future.

We also attended a few more unconventional talks, such as learning how to hack a car to use it as a game controller and play Gran Turismo in a full-scale simulation.

Vehicle-to-Game 

We even attended a conference that explored the past, present, and future of bio weapons, highlighting potential future threats like targeted attacks based on ethnic and medical data. Who knows, one day Swiss Post Cyber Security might be monitoring more than just your data —maybe even your body.

Lastly, we made sure to visit the Social Engineering Community Village to witness the well-known Vishing, or vocal phishing, competition, where teams are tasked with preparing a social engineering attack on a target company to extract as much sensitive information as possible in 22 minutes.

Last words 

While we took the time to seriously listen to the talks, taking notes for future developments or improvements at Swiss Post Cyber Security, and gaining more knowledge about our field and the latest in cybersecurity, we also couldn’t resist indulging in a bit of fun. At DEF CON, discovery happens through enjoyment as well. As you may know mastering the art of pinball is also an important skill at Swiss Post Cyber Security, so we could not help but do a little training for when we come home !

Leave a Reply

Your email address will not be published. Required fields are marked *

Emergency