Last month, DefCon had its first-ever fully-online, widely-distributed, fault-tolerant, canceled conference. There were some hiccups, but overall things went smoothly. While we are hopeful that it won’t need to be virtual again in the future, it was undeniably a unique experience.
This month, we have a special guest speaker who has given several talks at DefCon and other conferences, instructs for SANS, and knows a thing or two about Kerberoast. You may know him as none other than Tim Medin!
Tim will be presenting on various Kerberoast attacks and defenses:
Kerberos, besides having three heads and guarding the gates of hell, protects services on Microsoft Windows Domains. Its use is increasing due to the growing number of attacks targeting NTLM authentication. Attacking Kerberos to access Windows resources represents the next generation of attacks on Windows authentication. In this talk Tim will discuss his research on new attacks against Kerberos, including a way to attack the credentials of a remote service without sending traffic to the service as well as rewriting tickets to access systems. He will also examine potential countermeasures against Kerberos attacks with suggestions for mitigating the most common weaknesses in Windows Kerberos deployments.
Whether you are an attacker or a defender, or just a curious hacker, or all three, this is not to be missed.
As usual these past few months, we will be meeting online at https://cafe.cyberia.club/dc612.
As most of you have probably gleaned, DefCon is canceled. For real. Sort of.
Since DefCon is moving to a virtual-only SafeMode this year, things are a little different to say the least. Nobody really knows what it will be like. Will there be connection issues? A DDoS? Will DNS stop working? Probably all of them at once if we’re being honest.
This is definitely a unique situation to find ourselves in, and one that will hopefully not repeat in 2021. As such, we are encouraging everyone to experience it in its fullest (if you are able) and we will not be having a DC612 “meetup” like we normally would in Vegas. Take this time to see what works and what doesn’t, what needs improvement, and maybe take some notes for our future virtual meets.
With luck, masks, and common sense, we’ll see you all in-person next year. But hopefully sooner. But probably not. Expect a September virtual meeting to be planned as usual.