Säkerhetspodcasten #243 - SecurityFest 2023


  • mp3, längd: 48:27


I dagens avsnitt går vi igenom årets SecurityFest.

How to f*ck up at OAuth2 while following BCPs -Tobias Ahnoff, Pontus Hanssen

Keynote: Red Notice - Pros And Cons - Alethe Denis

The C2 tool no one talks about: AWS SSM - Run Command - Eduard Agavriloae

Bypassing Anti-Cheats & Hacking Competitive Games - Rohan Aggarwal

OopsSec - The bad, the worst and the ugly of APT’s operations security - Tomer Bar

SQLi to Root Access: Exploiting a ISP infrastructure - Ignacio Navarro

When the Red Team Goes Passwordless - Hasain Alshakarti

Lightning talk: Badge challenge - Abhinav Pandagale

Architecting for security: the old ways - Dan Tentler

How to: Hack the company, before someone else does it for you - STÖK

Tales from the %TEMP% - Jonas Vestberg

Beyond On-Premises: Exploring the Post-Domain Admin Landscape in the Cloud - Natarajan, Kumar

Aikido: Turning EDRs to malicious wipers using 0-day exploits - Or Yair