{"id":404,"date":"2024-07-18T22:38:01","date_gmt":"2024-07-19T01:38:01","guid":{"rendered":"https:\/\/brhuecon.com\/2024\/?page_id=404"},"modified":"2024-08-05T19:33:15","modified_gmt":"2024-08-05T22:33:15","slug":"descricao-das-palestras","status":"publish","type":"page","link":"https:\/\/brhuecon.com\/2024\/descricao-das-palestras\/","title":{"rendered":"Talk Descriptions"},"content":{"rendered":"\n<p><strong>Topic:<\/strong> The Digital Risk Landscape from the Attacker\u2019s Perspective and Cause Analysis<br><strong>Description:<\/strong> A systemic view of the real-world landscape of security and cyber risk. Hundreds of simulated attacks carried out through \u201cRed Team Assessment\u201d incursions, showing the possible potential impacts, as well as their likelihood and the main vectors used in these attacks. Identifying risk is as important as ensuring an effective risk mitigation process.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/alexandrebbrum\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Alexandre Brum<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> How My Dog Hacked a Company<br><strong>Description:<\/strong> In the digital era, companies of all sizes treat cybersecurity as a priority. However, threats can occasionally arise from unexpected sources. 
This talk tells the story of how a seemingly ordinary dog managed to gain access to a company\u2019s confidential information, highlighting the security weaknesses and gaps that we often overlook.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/felipe-liatzkowski\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Felipe Liatzkowski<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> CrowdStrike Bypass<br><strong>Description:<\/strong> This presentation details a specific technique used to bypass Falcon\u2019s endpoint protection. It provides a clear and detailed walkthrough of the bypass method, demonstrating how attackers exploit this vulnerability to avoid the EDR automatic actions. The session covers the exact steps involved in the bypass and offers insights on how to protect systems against this threat. This information is for cybersecurity professionals and tech enthusiasts who aim to stay focused on security challenges.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/github.com\/sunw4r\" target=\"_blank\" rel=\"noopener\" title=\"\">Samuel Pires<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Hacking a bank without leaving your bedroom<br><strong>Description:<\/strong> Hacking a bank is probably every pentester\u2019s dream. During a project with Elytron security, two other pentesters and I had that goal. In this talk we intend to describe all the challenges involved in the process, the entry vector, the measures the bank implemented to stop the attack, and how we evaded them and avoided new measures. 
It is a complete talk, from zero to reaching the objective.<br><strong>Speaker:<\/strong> <a href=\"http:\/\/twitter.com\/vrechson\" target=\"_blank\" rel=\"noopener\" title=\"\">Matheus Vrech<\/a> and <a href=\"https:\/\/www.linkedin.com\/in\/arthur-a-93388211b\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Arthur Aires<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> It&#8217;s Not a Feature, It&#8217;s a Bug!<br><strong>Description:<\/strong> During a quiet family gathering, I received a new mission: to find suitable management software for our newly opened family clinic. With the responsibility of ensuring the proper management of the clinic and my background in security, I also focused on protecting the sensitive data of patients.<br>While examining various available options on the market, I noticed that many of these software solutions did not consider potential types of cyberattacks. Determined to find a secure and reliable solution, I began meticulously analyzing the source code of one of the applications.<br>It was during this investigation that I came across something concerning in one of the systems under review. I found an innocuous feature at first glance, but upon deeper analysis, I saw that it was a critical bug. This allowed me to execute remote code (RCE) and gain unauthorized access to servers and patient data.<br>In this talk, I will present how I explored this issue, and the rest is history!<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/alcyon\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Alcyon Junior<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Mac-n-Cheese: How to Cook Up Delicious Electron Techniques for Red Teamers<br><strong>Description:<\/strong> At BRHueCon in Las Vegas, our talk will explore how to exploit Electron applications. 
We&#8217;ll demonstrate methods to access directories protected by the TCC framework and show how to insert backdoors for persistence.<br>We\u2019ll break down the anatomy of an Electron app, discuss various exploitation scenarios, and highlight case studies of both patched and still-vulnerable apps. Emphasizing the importance of hardening these applications, we\u2019ll present tailored techniques for preventing exploitation.<br>Additionally, we&#8217;ll explore abusing entitlements for camera and audio access.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/espreto\" target=\"_blank\" rel=\"noopener\" title=\"\">Roberto &#8220;Espreto&#8221; Soares<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> My Security unControls &#8211; What to Do?<br><strong>Description:<\/strong> The talk will cover a key topic for organizations that invest in many security controls\/tools and still cannot say how secure they are. Learn how Cymulate can help them bring more control and effectiveness to their day-to-day operations, validating the controls and delivering reports that make sense.<br><strong>Speaker:<\/strong> <a href=\"http:\/\/linkedin.com\/in\/danielalmeidagomes\" target=\"_blank\" rel=\"noopener\" title=\"\">Daniel Gomes<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Threat Modeling for Identities<br><strong>Description:<\/strong> &#8220;Identity is the new perimeter&#8221;. With its growing prominence in recent years, it is essential to change our security posture and move beyond traditional barriers. 
This panel will present an innovative approach to threat modeling focused on identities, intended to identify and assess potential security threats. The goal is to understand how an attacker can compromise identities and the possible consequences of that compromise.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/rafaellachi?utm_source=share&amp;utm_campaign=share_via&amp;utm_content=profile&amp;utm_medium=ios_app\" target=\"_blank\" rel=\"noopener\" title=\"\">Rafael Lachi<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Navigating the Ocean of Vulnerabilities: Challenges and tips on how to identify and prioritize the most critical vulnerabilities for your organization<br><strong>Description:<\/strong> In 2023, an average of 79 new CVEs were published every day, making the challenge faced by AppSec teams ever harder. But how do you identify and prioritize the threats most critical to your business amid so much noise? 
In this presentation, grounded in community data, understand the origin of the challenges facing modern AppSec programs and learn some tips on how to navigate the sea of vulnerabilities and prioritize those that make the most sense for your organization.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/rbottino\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Raphael Bottino<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Offensive on Defensive: Unveiling Endpoint Weaknesses with CVE-2020-26053<br><strong>Description:<\/strong> This presentation is based on my CVE-2020-26053. The purpose of this presentation is to execute several efficiency and detection tests in my endpoint solution, bringing the result of the defensive security analysis with an offensive mindset performed in the execution of some techniques. Regarding the tests performed, the first objective was to simulate targeted attacks using invasive techniques such as DLL Injection using a payload created by msfvenom, based on the Metasploit platform, and using PowerView, which is a PowerShell tool to gain network situational awareness on Windows domains. It contains a set of pure-PowerShell replacements for various Windows \u201cnet *\u201d commands, which utilize PowerShell AD hooks and underlying Win32 API functions to perform useful Windows domain functionality. It also implements various useful metafunctions, including some custom-written user-hunting functions which will identify where on the network specific users are logged into. It can also check which machines on the domain the current user has local administrator access on. Several functions for the enumeration and abuse of domain trusts also exist. See function descriptions for appropriate usage and available options. For detailed output of underlying functionality, pass the -Verbose or -Debug flags. 
As a second test, the idea was to use Shell Injection using payloads created via msfvenom, based on PowerView as well, using the same strategy as the first test; this cmdlet can be used to inject a custom shellcode or Metasploit payload into a new or existing process and execute it. As a third test, we used a tool that can perform DLL injection, known as Remote DLL Injector from the SecurityXploded team, which uses the CreateRemoteThread technique and has the ability to inject a DLL into ASLR-enabled processes. The process ID and the path of the DLL are the two parameters that the tool needs, using a payload created by msfvenom. The fourth test was to download ransomware directly onto the victim\u2019s machine using a PowerShell script and execute it, exploring the policy delay. Finally, the last test consisted of running the stress test using a Python script with daily malware, provided by MalwareBazaar on request using API access, and at the same moment performing the PowerShell to download ransomware directly onto the victim\u2019s machine.<br><strong>Speaker:<\/strong> <a href=\"http:\/\/twitter.com\/FilipiPires\" target=\"_blank\" rel=\"noopener\" title=\"\">Filipi Pires<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> The Oracle Awakens: Demystifying Privilege Escalation in the Cloud<br><strong>Description:<\/strong> In this talk, we explore privilege escalation mechanisms and paths within Oracle Cloud. Privilege escalation, the process by which an attacker gains elevated access and permissions beyond those intended by the cloud administrator, poses a significant threat in cloud environments and can significantly aid an attacker or pentester.<br>Our discussion will focus on identifying privilege escalation paths, understanding how cloud administrators can misconfigure policies, and the methods attackers can use to exploit these vulnerabilities. 
Through carefully designed scenarios and real-world examples, attendees will learn to recognize signs of privilege escalation, thereby enhancing their security posture.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/pr0teus\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Felipe Pr0teus<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> Using infostealer information for EASM IR<br><strong>Description:<\/strong> The presentation shows in a simple and quick way how to use compromised corporate credentials (BEC) through infostealer malware, to not only carry out the treatment process correctly, but also to map External attack surface management (EASM).<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/thiagobordini\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Thiago Bordini<\/a><\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><strong>Topic:<\/strong> When AI Breaks Bad: Navigating the Threatscape of Machine Learning<br><strong>Description:<\/strong> Based on my recent studies, the objective of this talk is to lean over the most common techniques known in the AI attack field and join this knowledge with the risk perspective for companies since all the actual companies are somehow using or exposed to AIs. Those attacks can be explored even in companies that do not directly develop their proprietary AI system. Now, AI security must be known and mapped as a tangible risk.<br>The attacks presented during the talk will be divided into four groups: Extraction, Inversion, Poisoning and Evasion. 
Each of these techniques is a way to confuse the AI system and generate some type of misbehaviour presenting a risk for the user, such as when the AI is the truth source for important decisions such as credit prediction, or the company, when, for example, an attacker confuses the AI to extract training data.<br>When dealing with AI, companies and users must have the same caution as the one applied to protect other systems that store sensitive data, for example. After all, as with any other system, an AI is a computer program that processes and analyses a large amount of data to be used in decision-making or other critical processes. Thus, the talk will also explore mitigation measures to help manage those risks. After all, now that we have passed the point of return, we need to face the best way to deal with this powerful tool we have in our hands.<br><strong>Speaker:<\/strong> <a href=\"https:\/\/www.linkedin.com\/in\/larissa-fonseca\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Larissa Fonseca<\/a><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Topic: The Digital Risk Landscape from the Attacker\u2019s Perspective and Cause Analysis Description: A systemic view of the real-world landscape of security and cyber risk. Hundreds of simulated attacks carried out through \u201cRed Team Assessment\u201d incursions, showing the possible potential impacts, as well as their likelihood and the main vectors used in these attacks. 
Identificar o&hellip;&nbsp;<a href=\"https:\/\/brhuecon.com\/2024\/descricao-das-palestras\/\" rel=\"bookmark\"><span class=\"screen-reader-text\">Talk Descriptions<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","ngg_post_thumbnail":0,"footnotes":""},"class_list":["post-404","page","type-page","status-publish","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/pages\/404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/comments?post=404"}],"version-history":[{"count":13,"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/pages\/404\/revisions"}],"predecessor-version":[{"id":474,"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/pages\/404\/revisions\/474"}],"wp:attachment":[{"href":"https:\/\/brhuecon.com\/2024\/wp-json\/wp\/v2\/media?parent=404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}