Privilege escalation is also one of the most common techniques attackers use to discover and exfiltrate sensitive valuable data. From a hacker’s perspective, privilege escalation is the art of increasing privileges from the initial access, which is typically that of a standard user or application account, all the way up to administrator, root, or even full system access. With NT AuthoritySystem access or on Linux the root account, attackers have full access to one system. With Domain Administrator access, they own the entire network.
• Top Methods of Privilege Escalation on Windows and Linux
• Common Tools used to identify Privilege Escalation
• And more...
Cross device flows lets a user initiate an action on one device (e.g. a SmartTV) and authenticate or authorize that action on a trusted personal device (e.g. a mobile phone). Examples includes authorizing a smart TV to access streaming content, or authenticating to a service by scanning a QR code with a mobile phone and completing the authentication on the mobile phone. This process of authorizing an action on a separate (but trusted) device from the one on which an action is initiated is an increasingly common flow, whether used for devices with limited input capabilities, multi-factor authentication or credential presentation. A number of standards have adopted this pattern including Device Authorization Grant (formerly Device Code Flow), Client Initiated Backchannel Authentication (CIBA) and Self Issued OpenID Provider (SIOP). These flows solve important business problems, but is vulnerable to attacks where the user is tricked into granting consent to an attacker. The IETF OAuth working group has recognised this challenge and is creating new guidance that leverages zero-trust principles to defend against these "illicit consent grant" attacks. This session will discuss the attacks and how the new guidance can mitigate these threats against cross device flows.
A digital twin is a virtual representation of a real-life subject. This mapping encompasses its entire lifecycle, is updated from real-time data, and uses simulation, machine learning, and reasoning to support decision-making.
Human beings and their behavior can also be copied and simulated by digital twins. During the last talk at the EIC conference, we already looked at the threats, challenges and opportunities creating digital twins in cybersecurity.
This time we want to discuss how we can dive into a world through a digital twin of a cybercriminal to change perspectives and to understand the cybercriminals behavior.
Imagine having a tool that can perform these simulations at the highest level. Why not use it to our own advantage?
A digital twin that not only simulates the approach and behavioral patterns of cyber criminals but can also predict ahead of time. What if we can turn the tables on cybercriminals by fighting fire with fire?