2019-016-Conference announcement, and password spray defense
Published April 29, 2019
|
46 min
    Download
    Add to queue
    Copy URL
    Show notes

    Agenda:

     

    Announce the conference

    CFP: up soon

    CFW: up soon

    Campers: Friday night/Saturday night

        Like “toorcamp”, but if it sucks, you can drive home… :D

     

    Limiting tickets, looking for sponsors

    To support the conference and future initiatives:

    “Infosec Education Foundation”

        501c3 non-profit (we are working on the charity part)

     

    www.infoseccampout.com

    Password spraying

    https://github.com/dafthack/DomainPasswordSpray

     

    Stories:

     

    https://blog.stealthbits.com/using-stealthdefend-to-defend-against-password-spraying/

     

    http://blog.quadrasystems.net/post/password-spray-attacks-and-four-sure-steps-to-disrupt-them

     

    https://www.trimarcsecurity.com/single-post/2018/05/06/Trimarc-Research-Detecting-Password-Spraying-with-Security-Event-Auditing

     

    https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/simplifying-password-spraying/

     

    Detecting one to many…..and at what point/threshold during an attack would it be a PITA for the redteam to slow down to

     

    Annoying NXLog CE limitation

     

    Log-MD can help detect?  Yep

     

    CTF Club is happening again

        Pinkie Pie is running it.

        Saturdays at 2 -3 pm

     

     

      15
      15
        0:00:00 / 0:00:00