Cork|Sec 146

Running since June 2013, every month we have 1-2 talks focused on Security or Technology - followed by socialising with like minded people – and you can find out exactly what to expect about the night and the venue on the What We're About section of our Meetup page. Past talk details are on our wiki on http://corksec.com/. All people with any sort of an interest or level of knowledge in Security, Hacking and Emerging Technology are more than welcome to attend and feel free to bring like minded colleagues and friends.

CorkSec is made possible through generous sponsorship from our Platinum Sponsor Trend Micro, Gold Sponsor CyberSkills , as well as our Silver and Bronze Sponsors featured prominently on the night.

Doors open at 19:00 with talks starting at 19:15. Talks below

TALK 1: What Chess Players Can Teach Us About Phishing Detection - Ioana Macovei
Can strategic thinking help defend against phishing? This talk shares results from a study comparing chess players and non-chess players in spotting phishing emails. It explores how cognitive training may influence threat detection - and invites SOC professionals to weigh in on how these insights could support human defense in real-world environments. Ioana Macovei is a cybersecurity researcher and former professional chess player who has (somehow) managed to sabotage every other part of her career just to keep studying chess. Her current work explores how cognitive skills from competitive chess can be applied to phishing detection and analyst performance in cybersecurity environments.

TALK 2: Navigating the Initial Access Campaign Threat Landscape - Chris Boyton and Ian Kenefick
In the evolving threat landscape of 2025, initial access campaigns are becoming increasingly sophisticated, leveraging social engineering and novel techniques to deceive targets. As email channels and corporate infra are better defended, the TTPs have had to evolve accordingly. We will explore how adversaries are utilizing infostealers, Adversary in the Middle attacks, and exploiting vulnerabilities through chained bugs and attack paths to infiltrate their victims. Another key method of gaining initial access is via Internet Facing Infrastructure. To better understand the attackers, we also need to understand what their business model looks like. We'll be discussing some of the techniques being employed, and what organizations can do to counter this.