What we’re about
DCG518 is a DEF CON group focused on community, education, mentoring and bringing the InfoSec community in the NY Capital District together. Our gatherings feature presentations, workshops, CTFs, and anything else in which the community is interested. The group is community-driven, and allows its members to be active so they can learn or teach about a subject they are passionate about. DC518 also supports the already-existing security-related and technology-focused groups, and we encourage members of all groups to collaborate and share knowledge. We are strong together. The mission of the DCG518 group is to advance knowledge and educate anyone interested in science, technology, and other areas of information security through project collaborations, group gatherings, and group activities that will best serve our community and the world.
More info at https://dc518.github.io/
Upcoming events (1)
See all- DEFCON Group DCG518 presenting 'The Crown’s Weak Link'Guilderland Public Library, Guilderland, NY
The Crown's Weak Link :
Unmasking Active Directory ESC Misconfigurations, Exploiting Flaws in Active Directory Certificate Services (ADCS) for Full Domain CompromiseHave you used Kerberos and Public Key Infrastructure (PKI) to “secure” your Active Directory environment? This talk unravels how a simple misconfiguration within ESC can lead to easy wins for an attacker and complete control over your Active Directory domain.
Privilege escalation in Active Directory (AD) allows cyber attackers to increase access within the environment and potentially compromise entire networks—undetected.
We’ll walk through why ESC flaws are so damaging and which template settings to avoid when using ADCS. You’ll see how attackers can chain vulnerabilities like PetitPotam (NTLM Relay Attack) and ADCS web enrollment for privilege escalation, achieving Domain Admin in less than 30 seconds.
By the end of this presentation, you will understand which configurations to avoid and how to detect these flaws in your own environment for prevention, mitigation and remediation purposes. We’ll also cover detection tools and how this data can be ingested into platforms like BloodHound.- For more information and updates, check our site https://dc518.github.io/
- Doors open at 1:00pm for social hang out. The presentation starts sharp at 2pm.
The Guilderland Public Library is located at 2228 Western Avenue, Guilderland, New York 12084 - This event is free and open to all the community. No attendee limits.
