Bishop Fox to Sponsor & Speak at BSides CDMX

Date:
July 19, 2024
Time:
8 a.m. - 7:30 p.m. CT
Location:
Mexico City, Mexico
BSides CDMX logo on purple background

Bishop Fox is proud to sponsor and present at BSides CDMX in Mexico City, Mexico on July 19, 2024. BSides CDMX is the Mexico City's chapter where local and world-wide infosec professionals, researchers, engineers, developers, students are encouraged to educate, collaborate and participate with the community by exchanging ideas, knowledge and experience.

Bishop Fox experts will host a Lock Picking Village, Social Engineering - Vishing Village, as well as speak on two different topics, "Post-Exploitation Techniques Used by Threat Actors in Cloud" and "Leaving Doors Unlocked with Cognito." 

For more information, visit the BSides CDMX website.

Lock Picking Village

Hector Cuevas Cruz and Rodrigo Zacatelco will inspire and mentor new talent as part of of a Lock Picking Village by Pwntacles. The Village aims to raise public awareness about the physical security of lock and padlock mechanisms, where each participant will be taught and demonstrate techniques that they themselves can try.

Social Engineering - Vishing Village

Berenice Flores and Ivan Sanchez will host the Social Engineering - Vishing Village. The Village aims to raise public awareness about social engineering and prompt injection attacks where each participant will have to talk to our operator and try to obtain as much information as possible, to obtain the flags.

"Post-Exploitation Techniques Used by Threat Actors in Cloud" Session

Speakers: David Bravo & Samanta Aranda

Abstract: I have found AWS Cognito much more common in my targets and as a vector to compromise applications deployed in AWS. This talk will review what AWS Cognito is, what are some common misconfigurations, and how to exploit those misconfigurations as an external or internal attacker. Terraform templates will be provided for attendees to deploy some of these vulnerable situations and do hands on learning on their own time.

"Leaving Doors Unlocked with Cognito" Session

Speakers: Ivan Sanchez

Abstract: We will share an analysis of the tactics, techniques and procedures of toolkits created by TeamTNT and used by adversaries in different campaigns focused on the exploitation of cloud infrastructure and containers. These toolkits use interesting TTPs that have been replicated in recent campaigns and show a level of sophistication rarely seen in crypto jacking groups.

Berenice Flores

About the speaker, Berenice Flores Garcia

Senior Security Consultant

As a senior penetration tester at Bishop Fox, Berenice focuses on application security and cloud penetration testing (AWS). Berenice holds many cybersecurity certifications including Offensive Security Certified Professional (OSCP), Off-Sec Web Assessor (OSWA) and Offensive Security Wireless Professional (OSWP).
When she's not finding bugs, Berenice enjoys attending hacking conferences and collecting stickers, pins and token coins.

More by Berenice
Hector cuevas cruz

About the speaker, Hector Cuevas Cruz

Security Consultant

Hector Cuevas Cruz is a Bishop Fox security consultant. He has more than 11 years of experience in information security where he has worked as an Offensive Security Consultant, Forensic Analyst, and Threat Hunter at some of the most renowned security companies. Hector has been a regular presenter at national conferences in Mexico since age 17. He has specialized in Red teaming, Digital Forensics, Incident Response, and ATM security assessments.

More by Hector
Ivan sanchez

About the speaker, Iván Sánchez

Security Consultant

Ivan Sanchez is a Security Consultant at Bishop Fox where he focuses on network penetration tests and web application assessments. He attended ESCOM IPN where he received his bachelor's degree in computer engineering and developed a deep interest in cybersecurity. This is where his InfoSec journey began. During this time, he attended several CTF and hacking competitions, which helped him finetune his pen testing skillset.

More by Iván

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.