More speakers will be published soon. STAY TUNED //
Benjamin is a hacker with an inquisitive mind. He strives to understand the root cause of problems and feels passionate about helping others succeed.
He has lectured at universities, starred in the hit show Team Whack, founded the Disobey organisation and helped build an incident response team for the largest financial player in the Nordics.
Benjamin was selected as the 2020 TiVi IT Influencer of the year in Finland, and feels that securing enterprises are more about understanding the basics and having a good IT hygiene rather than the AI-blockchain-hypebeast.
Coming from humble beginnings he donates some of his time to volunteering and helping the underprivileged.
Juho works as Information Security Specialist at NCSC-FI. Before NCSC-FI, he has worked in various positions doing security operations, digital forensics and incident response since 2014. His current role involves malware analysis, digital forensics and incident response. In his freetime, Juho runs HelSec Ry, hosts Turvakäräjät podcast and teaches forensics at National Defence Training Association of Finland. Juho is CISSP, GCFA, GMON, GREM and OSCP certified.
In Juho's workshop we learn the very basics of digital forensics. We focus on Windows memory, registry and filesystem. The syllabus involves (but is not limited to) Windows memory structure; what can be found from memory, what can be found from the disk, what tools to use for a specific evidence, and how to study further. Juho has prepared a storyline, which we will analyze first together. The workshop will culminate to a CTF-style competition. In the competition you need to finish analyzing the storyline and answer to some questions related to it. The competition will start at the end of the workshop and will be closed on the next day. This workshop is revised/upgraded edition from the one Juho held at Disobey 2020. Let's make blue team great again!
- (Recommended) Virtual Ubuntu 18.04 with SIFT (https://github.com/teamdfir/sift-cli and –mode=server) and REMnux tools (https://docs.remnux.org/install-distro/install-from-scratch and –mode=addon)
- OR Virtual SIFT / REMnux / KALI OR you can install tools on your Linux as we use them
- 40Gb of free space on the system
Antti Kurittu is a former police officer from the Helsinki PD and has worked as a senior specialist for the NCSC-FI. Currently Antti is the Digital Forensics & Incident Response Team Lead at Nixu Oyj, a Finnish cyber security company. He also co-hosts the massively popular Turvakäräjät podcast together with Juho Jauhiainen and Laura Kankaala. In his spare time he touches computers and tries to do some Brazilian jiu jitsu.
Nick Jones is the cloud security lead and a senior security consultant at F-Secure Consulting, where he focuses on AWS security and attack detection in advanced, cloud-native organisations. He has been delivering offensive security testing, consultancy and support to a world-wide client base, including some of the world's largest financial organisations, for over 7 years.
Nick has previously spoken at t2, DEF CON Cloud Village, fwd:cloudsec, Cloud Native Security Day and DevSecCon, and maintains Leonidas, an open source framework for simulating attacks against cloud environments.
Tommy is a 37-year-old hacker from Richmond Virginia. He started out as a blackhat in the mid 90s and continued on this path until his final release from prison in 2010.
Upon being released from prison, Tommy began a career as a Unix System Admin, and a Bug Bounty Hunter. Since then, he had become one of the highest paid and most well-known Bug Bounty Hunters on the planet featured in the news frequently, as well as in documentaries done by Bloomberg and others.
Plug started his journey in computer security back in 1996 when he discovered a 2600 magazine that eventually led him to his first LA2600 meeting in 1998. From that point forward, he has been involved in computer security. In his free time he enjoys building Legos, playing with synthesizers, and when possible, he volunteers his time to computer security events.
Peeter started programming back in 80's when computers ate punchcards for breakfast, lunch and dinner. His past includes design, printing, teaching, writing, radio- and TV production, marketing, web development and presumably a lot of things he has either forgotten about or prefers to not remember. For past 5 years he has been with hosting provider Zone.ee, among other tasks helping some 40 000 website-owners stay safe ... and clean up the mess if they don't. When not hacking around tends to sail or stand watches in voluntary marine rescue (or some combination of these - like being rescued while sailing).
In his workshop for MAYhem, Peeter will walk you through the process of finding the presumable time and method of intrusion for common WordPress attack vectors (and really stupid cases of self-pwning) together with his 'clinup' process. We'll be using his publicly available scripts and SpectX, easier labs can be enjoyed using web browser and text editor, but some will require shell / SSH to reproduce the demonstrated methods.
Tools to play through the labs:
- web browser
- Free personal edition of https://www.spectx.com/ (we’ll hopefully have a shared browser-accessible instance as well)
- SSH (for some automation + compromized WP cleanup) and ability to fetch code samples from Github