What’s Old is Gold | Brian Halbach | WWHF Deadwood 2022

Sure the latest and greatest exploits are fun to play with, but as a pentester (and actual attackers) it is often the simpler things that are still working and allowing access into a network. It is often the older techniques that when used correctly, can yield amazing results. Things that may seem foolish to a newcomer may be the exact thing needed to find weak areas in an organization’s defenses. As organizations shift in their security posture over time it is not uncommon to have gaps in coverage of older types of attacks. This talk is a collection of these types of attacks and techniques. This information has been gathered by talking to several security professionals who have been around long enough to no longer be surprised by anything they see in the industry. People coming to this talk should not expect to necessarily learn anything “new” but to not forget the lessons of the past. This talk will act as a reminder that looking at older attacks can still be very useful and can serve as inspiration for the future.

Brian Halbach graduated from the University of Wisconsin-Stout with a degree in Information Technology Management and a Minor in Computer Science. During college, Brian spent several years working as a help-desk employee, which later led to a career as a Systems Administrator and then Network Engineer for both small companies and Fortune 5 companies. After realizing the lack of security that many organizations had Brian spent time as a lead Network Security Engineer helping organizations deploy the tools, technology, and processes to help make them more secure. After spending years helping defend organizations and realizing that companies still had problems seeing and understanding their security gaps, Brian switched over to red teaming and penetration testing, where he is able to use his knowledge and understanding of people, systems, and programming to bring new insights and intuition to his security testing. One of the things Brian enjoys the most about working in security consulting is being able to talk to clients about their issues and being able to help find answers to security questions when there is not an obvious solution.

///Black Hills Infosec Socials

///Black Hills Infosec Shirts & Hoodies

///Black Hills Infosec Services

///Backdoors & Breaches - Incident Response Card Game

///Antisyphon Training

///Educational Infosec Content