Sangfor Technologies is proud to announce their presentation – Don't Dare to Exploit - An Attack Surface Tour of SharePoint Server – at DEFCON 29 (DC29) in Las Vegas on August 5, 2021, outlining several previously unknown SharePoint attack surfaces, mitigating these attacks, and demonstrating how these mitigations can be bypassed.
Sangfor BlueOps team members, Yuhao Weng and Zhiniang Peng, with security researcher Steven Seeley, were selected from among thousands of projects submitted to DEFCON 29. In their presentation they will demonstrate how to navigate the security architecture of a Microsoft SharePoint server, and how it differs from other popular CMS products. Their presentation will also detail several previously unknown attack surfaces, and how to mitigate any risk stemming from these vulnerabilities. Vulnerabilities CVE-2021-24072, CVE-2020-17120 and CVE-2020-17017 will be discussed, detailing the process that led to their discovery, and steps to take toward mitigation.
DEFCON Hacker Conference will require all vendors and attendees in 2021 to both wear a mask at all DC29 events and presentations, and to present proof of vaccination. This is a departure from DEFCON’s famous trend of allowing conference registration and entrance without ID, as many attendees want to stay anonymous due to work, and even illegal hacking activities.
Many attendees are refusing to attend due to the stringent new requirements, siting that registration or vaccine passports make anonymous attendance impossible, and therefore undermine the spirit of the conference. While vaccines and masks have been elements embraced by most of the world, the war rages on the USA with opposing parties using safety and fear to make a political statement before concerns about the health and wellbeing of the people.
Both DEFCON 29 and Black Hat USA 2021 (a similar and well-respected hacker conference) offered virtual attendance options this year. Some of the virtual DEFCON Villages include:
Black Hat starts on July 31st and runs until August 5th, while the DC29 conference runs from August 5th-8th. There are 5,000 expected attendees at the in-person event in Las Vegas, NV. Act today to attend DEFCON 2021 in-person or virtually, and see how Sangfor’s BlueOps Team is making waves in the network security industry. For more information on Sangfor Technologies, or to learn more about their suite of security technology including NGAF - The Next Generation Firewall NGFW, Ransomware and Cyber Threat Hunting Tools such as NDR, and cyber threat hunting capabilities, visit us online or email us directly, and let Sangfor make your IT simpler, more secure and valuable.