ComfyCon AU 2020 Summer
Building a vibrant and competitive ecosystem
Cyber security is emerging as one of Australia’s most promising growth sectors.
Read MoreCyber Security Adulting
There’s a lot of guidance out there for enterprise, and business to help guide Cyber Security Maturity, and what it means to be a “responsible adult” organisation.
Read MoreDigital Forensics for Compressed Files
How and when timestamps change on a Windows system are well documented, but what happens to timestamps when threat actors ZIP/RAR/CAB up all the data they have collected in your network and exfiltrate it?
Read MoreDownUnderCTF: Australia's Largest CTF in a Nutshell
The story of how a group of individuals from 13 cyber security societies across Australia came together to manage to create Australia’s largest CTF.
Read MoreFunction Similarity Using Machine Learning
I will give an overview of the research in a recent paper where I have been using machine learning to predict function similarity in different malware families.
Read MoreGuardians of the cloud: the sysadmin’s guide to cloud security
Organisations are rapidly moving applications to the cloud to support remote work in the COVID-19 era, leaving sysadmins and security teams to secure a sprawling mass of cloud-based infrastructure.
Read MoreIt Starts with a Question - Inquiry for Cyber Security
As a cyber security hiring manager, I see one of the key differences between people who are successful and those who struggle is the ability to navigate uncertainty.
Read MoreLet's talk CFPs - Stop putting off that conference submission
So your favourite InfoSecurity conference has just published its Call for Paper (CFP) dates!
Read MoreMageCart - modern web attacks for fun and profit
Magecart has been in the news many times due to high profile breaches such as when 100s of Australian website were found to have malware on them and when BA was fined for over $200m.
Read MoreMental Health in InfoSec - We Need To Talk
The Consulting, Digital, Information and Technology industries traditionally have attracted a certain “type” of person.
Read MorePeer Review: Bitter wisdom is better than sweet folly
Before responding to an important text or email it is wise to have a friend weigh in on your wording.
Read MorePlanning Your Active Defence with MITRE Shield
MITRE Shield (https://shield.mitre.org/ ) is a recently published active defence knowledge base MITRE developed to capture and organise active defence techniques and adversary engagement.
Read MorePractical OSINT’ing... while Mountain Biking
OSINT is any sort of intelligence gained through any publicly available source.
Read MoreRed-Teaming cognitive principles for understanding complexity.
Red-teaming has been used since the cold war to help decision makers overcome their own cognitive biases flawed group dynamics and arrive at more thorough judgments about the future.
Read MoreReport Ranger: Pentesting reports with markdown and automation
We’re releasing a new tool for building penetration testing reports called Report Ranger.
Read MoreSecuring mobile apps using Google Firebase
Google firebase is a NoSQL database and mobile / web backend framework.
Read MoreSecurity design flaws in Storage by Zapier
In this talk, I go through the vulnerabilities I discovered in a Zapier service called “Storage by Zapier”.
Read MoreSo you've decided to go out on your own... how to setup for business or subcontracting
Australia has an awesome talent pool of cybersecurity professionals & human beings that unfortunately is under the yoke of large businesses that will subjugate awesomeness for mediocrity.
Read MoreTaming the Velociraptor: who needs EDR anyway?
This talk will look at some key capability I have learnt using Velociraptor in field, fighting evil over the last year and a bit.
Read MoreTeach IT user’s not to get phished: Play the game, get the knowledge and confidence to handle phishing emails/websites
Phishing attacks are prevalent and humans are central to this online identity theft attack, which aims to steal victims’ sensitive and personal information such as username, password, and online banking details.
Read MoreThe blunt advice about getting a job in cybersecurity
Cybersecurity is a well sought-after industry. So, you studied hard at University, maybe you want to transition from that accounting disciple, or perhaps you just watched Mr.
Read MoreThe Paradox at the Heart of Cloud Native Security
In a world where deploying new features to production multiple times a day, is ever more reality than myth, traditional enterprise security and compliance teams are scrambling to cope with the pace of change, the historial walls of the often cited “Church of No” are crumbling around them.
Read MoreThreat hunting for dummies
Hilt gives an introduction to threat hunting and how resource constrained organizations can boot strap a threat hunting program using open source tools.
Read MoreUsing statistical analysis to find beacon communication activity
I’ll cover the types of beacons out there in the wild, a little about some of the c2 frameworks and how beacons are configured and deployed.
Read MoreWhat We Do in the Shadows
We’ve all done it. Setting up a Slack to chat to our colleagues when the proper system doesn’t cut it.
Read MoreWhy I 🖤 Privacy
I spend all day providing advice to people who do different jobs that use data.
Read More