2024-09-27 –, Bradman Theatrette
You know all that security you spend all that time on? The stuff that's supposed to Stop Cyber Threats in Their Tracks or whatever?
How do you know it works? 🧐
You can test whether it works by just getting someone to try hacking you. For real. With the same techniques and goals as real cybercrime groups. If you're very, very lucky, that someone will be employed by you, and show you how they did it instead of selling the stolen data on the dark web.
For some reason, this is called Red Teaming 😳. You can use it to actually test what parts of your security work and what parts don't, instead of just believing some guy who says it's good because he sounded really confident.
Come along and learn about how it works, how I do it, and stories of insane nonsense that's happened along the way.
Alex, Australia's only hacker, works on the Red Team at Atlassian, committing metaphorical crimes, and writing really really detailed confession letters. Particularly their specialty is malware and post-exploitation.
They're known for one time using Inspect Element to find the passport number of former Australian Prime Minister, Tony Abbott, calling him on the phone about it, and not getting arrested the whole thing (blog post: https://mango.pdf.zone, Darknet Diaries episode 84).
On the side, they organise purplecon, a gentle, pastel, inclusive security conference, happening in Sydney this November 👀
Probably their proudest achievement is getting excommunicated by the Catholic Church in 1633 for insisting the Earth revolves around the sun.