CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
SESSION
09/22 16:30 - 17:00 Red Team Forum
I Defend against Your Defense: LSALSASSUSELESS ;)
It is a well-known story that hackers are moving laterally inside organizations through Mimikatz for password theft and Credential Dumping in large cyber-army APT operations across countries.
The specifics of this technique entail a variety of high-risk behaviors, including privilege escation, accessing LSASS, and memory dumping, and so on. The major endpoint security products will undoubtedly claim that they can detect and prevent such attacks, but this is not the case.
In this session, we will focus on the tactics of password theft and take an overview of the security solutions used by modern enterprises. And to demonstrate the attacker's point of view with the Project Zero attack practice How to break each one. The end of the session will provide multiple Proof of Concept, suggestions of mitigation, and advice on selecting protection solutions.
SPEAKER
Sheng-Hao Ma (@aaaddress1) is currently working as a threat researcher at TXOne Networks, specializing in Windows reverse engineering analysis for over 10 years. In addition, he is currently a member of CHROOT, an information security community in Taiwan. He has also served as a speaker and instructor for various international conferences and organizations such as DEFCON, HITB, Black Hat USA, VXCON, HITCON, ROOTCON, Ministry of National Defense, and Ministry of Education. He is also the author of the popular security book "Windows APT Warfare: The Definitive Guide for Malware Researchers".