Clickbait Invasion Era (Email's Version)
The lab will walk you through specific social engineering methods until remote code execution. The instructor will introduce and demonstrate one of the most famous Outlook 2016 bugs this year and share strategies for defending against this attack.
Session Objectives
This program provides a hands-on lab for stealing NTLM Hash under low user interaction situations and conducts a remote code execution to leverage user privileges on the victim's machine. This program also includes concepts of identifying social engineering, mechanisms of long-term defense against this attack, and a quick solution to the specific CVEs.
Session Summary
- Introduction of Social engineering.
- Introduction of Word macro phishing attack.
- CVE-2022-30190 (hands-on and detail explained).
- Introduction of NTLM Hash and the severity of hash leakage.
- CVE-2024-21413 (hands-on and detail explained).
- Defense method.
Device Requirement You Should Prepared for
- Bring Your Laptop.
- Capable of connecting to WiFi or personal hotspots.
- Equipped with a functioning Chrome browser.
- Operating systems: Windows 10, 11, Linux, or MacOS.
- Please prepare remote desktop tools (recommended remote desktop).
Skills Requirement You Should Have
- Basic operational experience with Linux and Bash.
- Basic operational experience with Windows and cmd.
Limit on the Number of Attendee
TOPIC / TRACK
CyberLAB
LOCATION
Taipei Nangang Exhibition Center, Hall 2
4F 4D
LANGUAGE
Chinese
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。