From connections to compromise: LinkedIn and OPSEC Room: B11-00.13 Adversaries increasingly exploit LinkedIn to gather personal and professional details that enable targeted attacks. Strong OPSEC practices are essential to prevent seemingly harmless connections from becoming pathways to compromise. Find out some examples of both historic and recent exploitations of LinkedIn by threat actors, as well as how to raise your defences.

How To : Compromise BELDEF Using Social Engineering Room: B11-00.13 Showcase of a real attack-case that allows a malicious actor to compromise our Microsoft Entra ID tenant and obtain persistent access to all M365 resources — without ever knowing the victim's password, and bypassing MFA.

Breaking Drones for Fun - Hobbico C-me Room: B11-00.13 C-me is a 150€ WiFi camera drone released a while ago by Hobbico that has filed bankruptcy in 2018. This kind of model with a short time to market was not made with no security in mind. This talk presents some findings that led to the exploitation presented at Black Hat Arsenal Europe 2019.