Join us for a full day of talks where you can expect:
Lunch will be provided for delegates, with refreshments served throughout the day. Talks will be followed with a drinks reception to provide key opportunities to network with other security professionals and discuss your security concerns with our consultants.
There are a limited number of seats available, so register early to avoid disappointment.
Please note that your registration will be confirmed by a member of the team.
Progressive jackpotting: a tale of an ATM hack
Apostol Mastoris and Petros Koutroumpis
Payment system security remains a crucial component of operational resilience for UK financial services organizations. The cyber threat to payment systems continues to evolve, including the involvement of state-sponsored threat actors, and the growing sophistication of attacks on ATM networks. The latter increasingly takes the form of 'logical' attacks – where attackers infiltrate corporate networks to access their ATM switching infrastructure or deploy malware to facilitate 'cash-out' from multiple ATMs. Given the seriousness of this threat, the Bank of England is actively encouraging firms to conduct simulated attacks that mimic the actions of skilled cyber attackers, in order to strengthen their resilience.
ATM attacks fall into the following broad categories:
This presentation will summarize the main ATM attack families, and how they have evolved throughout the years. Apostol and Petros will also walk through an authentic attack simulation, where F-Secure emulated real-world threat actor techniques to perform a logical ATM cash-out attack.
Even though critical assets such as ATMs are heavily protected, common security pitfalls and advanced attack techniques could lead to their compromise. This talk will challenge delegates to start thinking about how both can be avoided.
Let’s get physical
Timo Hirvonen and Robert Bearsby
Offensive security professionals are required to increase the sophistication of their tactics, techniques, and procedures (TTPs) to accomplish their goals. This is down to constant improvement in security culture and security products. Timo and Robert have been on a quest to find a way around these modern endpoint security products to demonstrate how perpetrators of credential theft could do the same. As part of this presentation, they will:
Attacking SCCM: a look at the security of Microsoft's Endpoint Management Software System Center
Christopher Panayi
Configuration Manager (SCCM) (now Microsoft Endpoint Configuration Manager) is a software management product that has been widely adopted by large organizations to deploy, update, and manage software. It is commonly used to maintain entire corporate estates, holding responsibility for the deployment and management of the majority of server and workstation machines in Windows environments.
Given the complex nature of SCCM, configuring it correctly is essential to enterprise security. This talk will present insights and attack paths stemming from research F-Secure has conducted in this area. Christopher will primarily discuss weaknesses commonly present in standard SCCM deployment practices, whilst also touching on the broader attack surface it presents. Key takeaways will be provided to help contextualise the impact this work may have on organizations with SCCM deployed, and highlight possible steps towards ensuring a more secure deployment.
IR war stories: methodology of eradicating a full domain compromise
John Rogers and Harry Senior
With the increased capability of threat actors, and restricted budgets for security initiatives, more organizations are having to play "catch up" when faced with large scale security breaches. This talk introduces the 12-step plan – the framework implemented by F-Secure's Incident Response team to effectively contain and eradicate 'hands-on keyboard' attackers from client networks.
The Apple doesn’t fall far from the tree
Calum Hall and Luke Roberts
Enterprise security has traditionally focused on Windows environments. So with more organizations adopting Apple-centric network estates, it is essential to observe corresponding changes and developments in threat landscape.
Calum and Luke will discuss the current methods used to deploy and manage MacOS devices, and the consequent security issues that arise. Where the security industry currently emphasises the risk of an adversary gaining 'Domain Admin' privilege within Active Directory (AD) estates, this talk will present F-Secure's research into what this threat looks like once organizations turn to an Apple-dominated estate, and how those organizations can deploy MacOS devices in a secure and controlled manner.
There are limited spaces available - register below now to secure your spot
F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.