A very brief post, over the last couple days I attended ATT&CKcon 3.0. It was full of brilliant talks and interesting people. A talk from educators in the social sciences sector and their students from high school to postgrads. Demonstrating a social engineering attack and mapping it to the matrix, that was one I couldn’t take my eyes off.
There were 24 talks. Something in there for everyone… Red teamers, blue teamers, threat intel or someone who enjoys cyber-security. Some good open-source tool drops to the community which everyone is thankful for. The people at Recorded Future dropped this awesome tool to identify controls for TTPs: https://controlcompass.github.io/resources. There was also the release of SnapAttack community edition. Lots more I can’t list such as a honeypot container, that talk was interesting but a little too much for me to take in all at once. Can’t wait to re-watch some of the talks and view the slides again.
I’m excited for what’s to come with the platform. There is lots of work going on over at MITRE in improving the matrix, expanding that common language between all areas and all teams.
It was good to see at least two Brits involved in giving talks. Travelling across the pond to give a 15–20-minute talk shows serious dedication… and I look forward to seeing those same speakers on home soil soon, CYBERUK is just around the corner now.
Ive updated this to include, they did manage to get swag out to some virtual participants. Lastly, I think the best quote from the conference for me was along the lines of “Is it IoT or is it just Linux?”.
I’m going to be taking a brief break from writing a new piece, I spent some time last night trying to look into the Spring Framework RCE. Which has since been assigned the CVE number of CVE-2022-22965. A tool created by hillu on GitHub will allow for local vulnerability scanning for this issue.