ToorCon TwentyOne speaker: Antonio Piazza
Antonio Piazza, hailing from Austin, TX. USA, is an Offensive Security Engineer on the Box Red Team. Following his stint as a US Army Human Intelligence Collector he worked as a Defense contractor/operator on an NSA Red Team so he is intimately familiar with spies, hacking, and everything nerdy. Antonio is passionate about all things related to MacOS security and thus spends his days researching MacOS internals and security as well as writing free, open-source security tools to help protect Mac users.
Gone Calishing: A Red Team Approach to Weaponizing Google Calendar and How to Stop It.
On Halloween, October 31, 2018, 2 Black Hills Security Researchers, Beau Bullock and Michael Felch disclosed, step-by-step to Google how anyone with a gmail account could add an event, as "accepted" to any Google Calendar via the Google Calendar API. Google called it a feature. Why, a year later is this not fixed? This talk will demonstrate how this "calishing" attack can be utilized in a Red Team operation where the target organization uses G-Suite. I will demonstrate this by leveraging an open source python tool that I have developed, G-Calisher, based on Beau Bullock's and Michael Felch's PowerShell module "Invoke-InjectGEventAPI" from their MailSniper tool. I will lead the audience through the entire kill chain from recon (How to determine if an organization is using G-suite for its email) through Command and Control. I will also discuss how the organization can stop this attack.
Join us for a crazy hacker scavenger hunt around Mission Bay and Pacific Beach! Just meet at the fun day patio next to the event venue.