Sunday, April 28, 2019

2019-016-Conference announcement, and password spray defense


Agenda:

 

Announce the conference

CFP: up soon

CFW: up soon

Campers: Friday night/Saturday night

    Like “toorcamp”, but if it sucks, you can drive home… :D

 

Limiting tickets, looking for sponsors

To support the conference and future initiatives:

“Infosec Education Foundation”

    501c3 non-profit (we are working on the charity part)

 

www.infoseccampout.com

Password spraying

https://github.com/dafthack/DomainPasswordSpray

 

Stories:

 

https://blog.stealthbits.com/using-stealthdefend-to-defend-against-password-spraying/

 

http://blog.quadrasystems.net/post/password-spray-attacks-and-four-sure-steps-to-disrupt-them

 

https://www.trimarcsecurity.com/single-post/2018/05/06/Trimarc-Research-Detecting-Password-Spraying-with-Security-Event-Auditing

 

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/simplifying-password-spraying/

 

Detecting one to many…..and at what point/threshold during an attack would it be a PITA for the redteam to slow down to

 

Annoying NXLog CE limitation

 

Log-MD can help detect?  Yep

 

CTF Club is happening again

    Pinkie Pie is running it.

    Saturdays at 2 -3 pm

 

 


Here is a new episode of Brakeing Down Security Podcast!

No comments: