ACFE September 2017: Breaking into the CEOs account using data breaches

Tuesday, 10 October 2017 (RSVP by Friday, 6 October 2017)
LIMITED SPOTS AVAILABLE

Edward Farrell of Mercury Information Security Services (Mercury ISS) will discuss how his team broke into a CEOs account and demonstrated harm to their company with little more than a LinkedIn password and good reconnaissance.

Data breaches and their disclosure have become commonplace and yet reusing contents from a breach for security testing or enhancing an organisation’s defences have been poorly explored. Whilst technical complexity and time of execution is not comparable to more elegant threats, the accessibility and ease of exploitation of passwords should be of concern to individuals and businesses. Having collected and analysed such information over the course of two years, it was only natural for Edward’s team to start reusing it in penetration testing.

This talk will go through some of the insights into the collection of data, its reuse in security testing, Mercury ISS’ development of an internal database for material from breaches, as well as how it can be used in a defensive function.


Edward Farrell.png

Edward Farrell
Director & Principal Consultant – Mercury Information Security Services

Presenter

Edward Farrell is an independent information security consultant and penetration tester based in Sydney.

Having started his career as a network engineer, Edward joined the cybersecurity profession in 2009 where he has made numerous contributions to industry research and local security groups. He has presented at conferences in Australia and overseas, including Kiwicon, Besides Las Vegas, AusCERT 2017 & Ruxcon, to advance the body of information security knowledge.

In his day job he runs a team of cybersecurity professionals at Mercury ISS who service clients in Australia and abroad.


Event Details

Date Tuesday, 10 October 2017
CPE 1 CPE
Location Macquarie Bank
L10 50 Martin Place,
Sydney, NSW, 2000
Agenda 5:15 pm Registration
5:30 pm Presentation by Edward Farrell
6:20 pm Networking & drinks
8:00 pm Event concludes
Payment Click on the link below to register and pay via:

1. PayPal
2. Credit or Debit Card (via PayPal)

Groups (>10): please contact us by emailing treasurer@acfesydney.org.au

Please note: you will be prevented from registering if registrations exceed capacity. If this occurs, please email secretary@acfesydney.org.au to be added to a waiting list.
Posted in Events

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Our LinkedIn Group
If you are a member of the Sydney Chapter, become a member of our LinkedIn Group.
ACFE Report To The Nations

Read the full ACFE 2018 Report to the Nations on Occupational Fraud and Abuse here.

Australian Chapters

There are also ACFE Chapters in the following locations:

About the ACFE

The ACFE is the world’s largest anti-fraud organization and premier provider of anti-fraud training and education. Together with more than 82,000 members, the ACFE is reducing business fraud worldwide and inspiring public confidence in the integrity and objectivity within the profession.

Read More

%d bloggers like this: