BSidesVienna 0x7E9

Benjamin Floriani

My fascination with complex systems began early on - with hacking computer games. While studying computer science at the University of Innsbruck, I discovered the Austrian Cyber Security Challenge, a capture-the-flag competition that promotes IT security talents in Austria.

My successful participation in this competition opened my way into professional IT security at the end of 2017. Since then, I have been pursuing my passion as a penetration tester. I have specialized in the field of red teaming and attack simulations through numerous further education and training courses - a field that continues to fascinate me.

I am currently deepening my knowledge in the areas of internal infrastructures and malware development. This enables me not only to increase the precision of our penetration tests, but also to implement techniques such as lateral movement, local privilege escalation and full domain compromise in red team engagements even more effectively.

Sessions

11-22
15:10
120min
Essential Security Configurations and How To Exploit Them
Benjamin Floriani

In this hands-on workshop, participants will dive into fundamental security configurations that form the backbone of enterprise defenses. We will cover key topics such as SMB signing, client hardening, and the secure use of common network protocols. Attendees will not only gain a solid understanding of why these settings matter, but also see how misconfigurations can be abused in real-world attack scenarios.

In our dedicated lab environment, we will work together to apply and test effective remediations, ensuring that every highlighted vulnerability is paired with a practical and reliable solution. By the end of the session, attendees will walk away with skills to both recognize and securely configure these essential controls in their own environments.

Workshop Track
Workshop Room
11-22
13:05
60min
How To Breach: From Unconventional Initial Access Vectors To Modern Lateral Movement
Benjamin Floriani, Patrick Pongatz

The perpetual cat-and-mouse game between attackers and defenders has
pushed offensive security operators to innovate. While enterprise security
teams have become adept at identifying and blocking malicious Office
documents, suspicious executables, and known phishing URLs, a significant
blind spot often remains: the gray area of "benign" file formats that are
implicitly trusted by both users and security tools. This talk will arm
attendees with the knowledge to identify and leverage these blind spots in
red team engagements.

We will begin by exploring the strategic shift from noisy, high-volume
attacks to stealthy, low-profile techniques designed to circumvent modern
EDR, email gateways, and web proxies. We'll discuss why certain file types
and delivery mechanisms succeed where others fail, focusing on the
technical elements that make them effective. This includes exploiting the
browser's rendering engine and abusing features in file formats that were
never intended for malicious use. The main part of the presentation is a
detailed, step-by-step walkthrough of an attack chain using a weaponized
SVG image, infecting a user with malware and spreading laterally with
Intune.

We will demonstrate the entire attack chain:

-) Crafting the Lure: Creating a malicious SVG that, when opened, executes
the malicious content.
-) Delivery & Execution: Discussing methods for delivering the payload and
giving alternatives to SVG images.
-) Infection & Lateral Movement: Showcasing how the malware gets executed
and how Microsoft Intune can be used afterwards to move laterally through
the network.

Beyond the SVG case study, we will briefly cover other unconventional
vectors to broaden the audience's perspective.
Attendees will leave this session with a new arsenal of TTPs. Red teamers
will learn how to build more sophisticated and evasive initial access
campaigns. Blue teamers and defenders will gain insights into these
emerging threats, learning what artifacts to hunt for.

Main Track
Main Room