Cyber BlueCon Meetup#0x0F
BlueCon#0x0F – Event Details
A Cyber Security event for the community, by the community. Join us on Wednesday, 13th August 2025 at Stone & Chalk Melbourne for our August Blue Team Meetup! Follow us on LinkedIn: Cyber BlueCon LinkedIn. This meetup features a technical talk and hands-on workshop led by experienced industry professionals, with opportunities to connect and network with the broader cyber community.
📅 Event Info
Date: Wednesday, 13th August 2025
Time: 5:30 PM – 7:30 PM AEST
Location: Stone & Chalk, 121 King Street, Melbourne
Cost: Free (registration essential)
Catering: Food and drinks provided (Thanks to Cydarm)
**📲 Registration:** Spaces are limited. Don’t miss your chance to learn, network, and experience advanced threat hunting in action.
- Melbourne: https://www.eventbrite.com/e/1567578492469?aff=oddtdtcreator
- Nigeria: https://www.eventbrite.com/e/1567649595139?aff=oddtdtcreator
- Ghana: https://www.eventbrite.com/e/1567650176879?aff=oddtdtcreator
BlueCon#0x0F Details
🔌 Talk + Workshop Title: Deciphering Command Line Obfuscation & Threat Hunting APTs with KQL - Zero to Hero
Speaker: Jamie Eccleston, Cyber Threat Intelligence Analyst – AEMO (Threat Hunter at TrustWave - SpiderLabs)
📘 Speaker Bio: Jamie Eccleston is a cyber threat intelligence analyst and threat hunter at the Australian Energy Market Operator (AEMO). He began his career as a penetration tester after achieving his OSCP certification and later moved into intelligence and hunting roles. Jamie has developed and led threat hunting programs to counter state-sponsored threats, built custom data analytics tools, and currently specialises in Microsoft’s Kusto Query Language (KQL), widely used across Azure and Defender XDR for advanced hunting operations.
🧠 Event Overview: This unique session will blend a live talk with hands-on threat hunting to explore command line obfuscation techniques and practical detection using Kusto Query Language (KQL).
Participants will set up their own free Azure Data Explorer clusters, upload threat datasets, and hunt for APT activity—learning to think like an adversary while applying powerful detection techniques.
The case study focus will be on Volt Typhoon, a Chinese state-sponsored group targeting critical infrastructure. You'll learn to pivot across artefacts like certutil and Event ID 4624 abuse, applying filtering, regex, and MITRE ATT&CK mapping to uncover hidden attacker behaviour.
This is not just theory. It's real-world skill-building.
All attendees need is a laptop with internet access and at least 8GB of RAM.
🔧 Hands-On Workshop: Zero to Hero: Threat Hunting APTs with Azure Data Explorer & KQL
Workshop Objectives:
- Understand the principles of threat hunting and how it differs from IoC sweeping
- Deploy and configure a free Azure Data Explorer cluster
- Upload and navigate hunting datasets
- Learn KQL fundamentals: filtering, parsing, regex, and obfuscation decoding
- Investigate Volt Typhoon case study and command line activity
- Apply MITRE ATT&CK for mapping techniques
Learning Outcomes: Attendees will:
- Build confidence in threat hunting workflows
- Analyse obfuscated command lines
- Use KQL effectively to detect and respond to attacker behaviour
- Understand the mindset needed to identify malicious activity hiding in plain sight
- Learn anomaly hunting strategies using KQL
🌐 International Livestream Watch Parties:
- Accra, Ghana: 8:00–10:00 AM GMT
- Lagos & Abuja, Nigeria: 9:00–11:00 AM WAT
Note: Livestream links for Ghana and Nigeria will be sent 24 hours before the event to registered attendees.
🏆 Prizes: Participants can win:
- Sponsor giveaways
- CyLynk training discounts or lab access
- Recognition for top phishing analysis
Interested in submitting an application to speak at future BlueCon events? You can apply here: [https://forms.gle/k2S4s76jC8VbcgRh7](https://forms.gle/k2S4s76jC8VbcgRh7)
Interested in volunteering? Let us know at the event.
#BlueCon #AttackInformedDefence #KQLThreatHunting #APTDetection #PurpleTeam #CyberSecurityCommunity #BlueCrew