F-Secure Industry Event

Black Hat USA 2021

July 31 - August 5, 2021

Mandalay Bay, Las Vegas & Virtual

F-Secure is excited to announce we are speaking at Black Hat 2021. Senior Consultants James Coote and Alfie Champion will present "I'm a Hacker Get Me Out of Here! Breaking Network Segregation Using Esoteric Command & Control Channels".

This talk will explore the weaponization of esoteric internal command and control (C2) channels and their use for lateral movement. James, an attack simulation consultant with F-Secure Consulting, will demonstrate some novel and reimagined techniques for breaking out of heavily segregated environments.

In particular, the following will be explored, along with the tools that James has developed to make these usable operationally:

  • C2 into VMs through vCenter and Guest Additions
  • C2 using arbitrary network printers and print jobs
  • C2 over Remote Desktop mapped drives and file shares
  • C2 using LDAP attributes

For the red teamers, James will share how to identify and exploit these channels, and the OpSec considerations behind each. He will also share the tools that he's developed to interface with popular C2 frameworks such as Cobalt Strike and C3, providing operators with a seamless C2 experience.

For the blue teamers, James will explore the detection artifacts created when using these tools, and will present use cases to consider implementing. He will also challenge defenders' assumptions about how sophisticated actors may operate within segregated environments, and how commonly accepted boundary systems and technologies may offer a means for actors to progress unimpeded into organizations' most sensitive network zones.

Agenda

Check out the official agenda as it is updated closer to the event.

Speakers

James Coote

James Coote
Senior Security Consultant, F-Secure

James Coote leads F-Secure's collaborative attack simulation team, specializing in attacking and securing the UK's Critical National Infrastructure (CNI). He has 10 years of consulting experience across the Defence and Finance sectors and has spoken on the topic of securing CNI at conferences such as Defcon and TROOPERS.

Alfie Champion

Alfie Champion
Senior Security Consultant, F-Secure

Alfie has a background in software development and DevOps and now leads the global delivery of attack detection services. He has a keen interest in adversary simulation and offensive tradecraft, developing tooling to emulate attacker activity and ultimately aid clients in testing and developing their detective capability.

Now in its 24th year, Black Hat USA is excited to present a unique hybrid event experience, offering the cybersecurity community a choice in how they wish to participate.

Black Hat USA 2021 will open with four days of Virtual Trainings (July 31-August 3) conducted in real-time online, with all instructors accessible throughout each class. The two-day main conference (August 4-5) featuring Briefings, Arsenal, Business Hall, and more will be a hybrid event—offering both a Virtual (online) Event and a Live, In-Person Event in Las Vegas.

See the Conference Highlights below for more details.

Accreditations & Certificates

F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.

Follow us
@fsecure_consult F-Secure-Consulting f-secure-foundry fsecurelabs