Hackfest 2020

Talos: Threats and Dual-Use Tools in the Landscape
11-20, 18:30–19:20 (Canada/Eastern), Hackfest - Track 1
Language: English

Cisco's Talos team specializes in early-warning intelligence and threat analysis necessary for defending networks against the ever-changing threat landscape. In this talk we will cover how our team is built, look at some interesting threats and exploits -- take a look at the methods and techniques that both the attackers and defenders use to exploit these attacks, taking a deep dive into dual-use tools and see how they are being leveraged by threat actors to exploit, move laterally, and deepen the attackers reach into your network.


Dual-use tools are developed to assist administrators in managing their systems or assist during security testing or red-teaming activities. Unfortunately, many of these same tools are often co-opted by threat actors attempting to compromise systems, attack organizational networks, or otherwise adversely affect companies around the world. This talk will dive into the topic of dual-use tools and how they have historically been used in various attacks. It will also provide case studies that walk through how native system functionality and dual-use tools are often used in real-world attacks to evade detection at various stages of the attack lifecycle.


Are you releasing a tool? – no

William Largent is a threat researcher for Cisco Talos. William has over 19 years of experience in information security having previously worked for the Cisco IPS Signature team where he researched vulnerabilities and wrote signatures for Cisco security products. Previous to the Cisco IPS Signature team William worked for Cisco Remote Managed Services. William has three awesome kids and the world’s most patient wife.