Digital Meetup — "Report Medley" & "Evasion Adventures"

Name: Digital Meetup — "Report Medley" & "Evasion Adventures"
Start: 2021-12-08T19:00:00+08:00
End: 2021-12-08T21:00:00+08:00

Hosted By

Emil T. and 3 others

Digital Meetup — "Report Medley" & "Evasion Adventures"

Details

This Digital Meetup is brought to you by Division Zero (Div0)'s Bug Bounty Quarter (BBQ) (https://www.div0.sg/q-bug-bounty).

AGENDA

7:00pm: Lobby & Networking (20mins)
7:20pm: Introduction & Announcement (10mins)
7:30pm: "Report Medley — What Makes a Bug Report Great?" by Sebastian Wieseler
8.15pm: "Evasion Adventures" by Ethan Seow

THANK YOU! — DIV0's SUSTAINING SPONSOR

Centurion Information Security (https://centurioninfosec.sg/)
Red Alpha Cybersecurity (https://www.redalpha.sg/)

ABSTRACT
# Report Medley — What Makes a Bug Report Great? #
In this talk, we’ll be looking at some publicly disclosed reports and discuss what a great bug report should include and how to increase impact by writing a good report!

It will also highlight technical areas — what you should and probably shouldn’t report.

# Evasion Adventures #
In red team engagements, it is necessary to develop payloads for initial access while evading detection from Endpoint Detection and Response (EDR). This talk will explore the evolution of offensive tradecraft in response to the advancements in EDR detection techniques. It will cover the techniques used by EDRs to detect malicious activity and explain how modern offensive techniques can evade some of these detections. The techniques covered will range from well-known reliable techniques such as direct syscalls to cutting edge techniques for concealing memory indicators such as spoofing the call stack and hiding memory indicators of C2 agents.

BIO
SEBASTIAN WIESELER has 10+ years of experience in telco, with more than two years supporting the internal SOC of Deutsche Telekom. He has been in Singapore since 2015, leading IT & Security teams in MyRepublic for more than 4 years. He spent 1.5 years leading the IT Security & Compliance division in a fintech - BigPay, aligning with government regulation from local watchdogs in Malaysia & Singapore. He has moved to 8x8 International in 2020, supporting IT Security & Compliance topics for Singapore & the region with the focus on securing communication platforms.

ETHAN SEOW is a Year 3 student studying information security at Singapore Polytechnic (SP). He is currently interning at the Cyber Security Agency of Singapore (CSA), Attack Simulation Group (ASG) to learn and explore offensive tradecraft.

IMPORTANT NOTICES