CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree
SESSION
09/21 14:00 - 14:30 Threat Research Forum
Speedrun! The Shortest Attack Path to Breaching Linux Servers!
Linux attack methods go beyond RCE; understanding post-penetration methods is critical for both attackers and defenders. This presentation will discuss post-infiltration methods for both offense and defense. We will learn how attackers exploit vulnerabilities to gain access to Linux servers, how they escalate privileges (or find platforms that offer these services) as well as how they become root, maintain persistence, evade detection, and remove traces of their activity.
As defenders, understanding the attackers’ methods is only the beginning. We need to understand how to properly detect, identify, and respond to each and every technique attackers have at their disposal. We will discuss how to efficiently and effectively carry out an incident response as well as how and where to discover artifacts and backdoors. Finally, we will discuss how to best improve and harden Linux server defenses to ensure security.
SPEAKER
Ann Tsai is a cybersecurity researcher for CyCraft Technology and is currently focused on IoT security and vulnerability research. Since university, she has continued to contribute to the open-source community and cybersecurity seminars. In addition, she is a core member of HITCON GIRLS, the first female cybersecurity organization in Taiwan. She is also an open-source software enthusiast and enjoys fuzz testing and reviewing open-source software projects.