Login

Register

Login

Register

#cybersecurity | #hackerspace |

The Human Hacking Conference: Year Alpha


It was early in 2019 that we started dropping hints we had something big in the works. The anticipation was high, when, in June, we made an exciting announcement. Social-Engineer.org along with Social-Engineer, LLC was going to put on their first ever, self-produced, conference; The SEVillage Presents: The Human Hacking Conference (HHC) 

This never before seen conference was going to be unlike any others. This all-encompassing event offered to teach business, security, technology, and psychology professionals the latest techniques and tips from leading experts in their fields. The Workshop Trainers were announced, and with every name the excitement increased. With experts in human deception, body language analysis, cognitive agility, and intelligence research, this event was shaping up to be the most exciting event of 2020. For those of you who couldn’t attend, and those who want to relive the experience, don’t worry we got you! Continue reading for a breakdown of everything that was The Human Hacking Conference: Year Alpha!  

Thursday – Hacking the C-Level, Pentesting, Red Teaming and more!  

The Human Hacking Conference kicked off bright and early Thursday, February 20. The excitement to start was high. So much so that we had one attendee had been waiting in the conference area since 6 am! After registration and some refreshments, it was time to kick off the Opening Ceremony! Chris Hadnagy, our Chief Human Hacker, lead this event by reminding of us of the core value of the HHC, “leave them feeling better for having met you”. 

https://securityboulevard.com/

Track 1: Hacking the C-Level & Business 

After the entertaining and uplifting Opening Ceremony our attendees split up to head to their track of choice. Thursday offered two speaking tracks. Track 1 was “Hacking the C-Level & Business” started off with our friend Perry Carpenter, who was the face of our HHC sponsor KnowBe4. As the Chief Evangelist & Strategy Officer at KnowBe4, Perry could give some sound advice on his topic, The Art and Science of Driving Secure Behaviors.  

https://securityboulevard.com/

That was followed by Social-Engineer, LLC’s beloved Director of Sales, Jay Korpi. Jay’s fun and lighthearted personality was in full force with his speech, A Meteoric Rise from Custodial Engineer to CEO and Buying The Entire 14th Floor. I mean, check out that bow tie.  

https://securityboulevard.com/ 

Next up was Domini Clark, who is the CEO & Founder at Blackmere Consulting. She spoke on Hacking the C-Suite…Finally Declassified: How Executive Search Firms infiltrate the C-Suite, Get the Talent to Defect, and Alter the Course of Global Business. Phew. Domini captivated her audience with this topic which helped them learn how a single executive hire can change the trajectory of an entire organization.  

https://securityboulevard.com/  

To finish up the morning in Track 1 was Chris Hadnagy again, who we all know as the Founder and CEO at Social-Engineer, LLC. He talked about SEeing Potential in Your Team, which highlighted the importance of knowing your team and their communication styles. He also dropped some quality Dilbert cartoons.  

https://securityboulevard.com/

Track 2: Pentesting  

While all that was happening, Track 2 was simultaneously running the “Pentesting” track. Kicking off this track was Social-Engineer’s Chief Operating Officer, Ryan MacDougall. His topic was Which Pentest is Right for You Ryan highlighted how each company can determine which pentest is right for their security needs, and how they can make it benefit corporate needs.  

https://securityboulevard.com/

Our very first ever SECTF contestant joined us at HHC, to discuss Active Measure. Wayne Ronaldson is from Loop Secure. His fascinating talk presented a live simulated attack that showed things from the hacker’s perspective. He demonstrated how social engineering phishing attack morphed into a full nation-state style attack. This demonstration taught attendees how their organization can be vulnerable to attacks, and how it can damage an unprepared business.  

https://securityboulevard.com/

To finish out the Pentesting Track, one of our very good friends and Sponsor of the HHC, Chris Silvers, spoke about Scaling Phish: Pentesting the SMB. Silvers, who is the Founder of CG Silvers Consulting, left the crowd with lessons on how – and how not – to scale your security mindset from enterprise to Small and Medium Business environments.  

https://securityboulevard.com/

As the tracks came to an end everyone attending was treated to a buffet lunch that was so amazing it can only be described in photos. These lunches were provided all 3 days of the HHC, so, for all of you foodies out there, enjoy.  

https://securityboulevard.com/https://securityboulevard.com/https://securityboulevard.com/

Track 1: Part 2  

After an incredible networking lunch out in the pavilion, our attendees fought the food coma and headed back to our speaking tracks where some amazing speeches continued through the afternoon. Track 1 resumed its Hacking the C-Level & Business theme with Robert Dean. Dean is the Cyber Janitor at Deloitte, who was a sponsor of the HHC. His discussion was titled Two of Clubs. This presentation highlighted a variety of entry level resources that are non-technical, low cost, and publicly available for people and organizations. By encouraging them to research themselves for awareness and personal security, he encouraged all to aim to inspire deeper organizational discussions on the value of logical and physical security.  

https://securityboulevard.com/

The stage then prepared itself for the most enthusiastic force of all, Stephanie Paul. Stephanie is the Founder of Stephanie Paul, Inc. and is one of the most dynamic human beings we have ever met. Besides being a Workshop Trainer at the HHC (more on that soon!), she also discussed Hacking Into “WHY” Story Works. Her tagline for this speech was “Storytelling – because your biology is governed by it!”, and that was proven true by how captivated the audience was about her topic. So captivated that the talk went overtime before any of us realized it had happened!  

https://securityboulevard.com/

To follow up that act was Business Development expert, Allie Hansen. Besides being an HHC organizer, Allie, who has 10 years of experience, enlightened the audience on how social engineering principles can be successfully utilized in business development, and what applying those principles can mean for your company.   

https://securityboulevard.com/

To finish up Track 1 we had Chase Hughes, the CEO of Applied Behavior Research. His speech The Human Factor highlighted human behavior being the deciding factor in almost all of our successes and failures. Chase taught tactics that can be applied in any conversation to not only read a person but to influence them as well.  

https://securityboulevard.com/

Track 2: Red Teaming 

Track 2 became the Red Teaming track for the afternoon, and it kicked off with Maxie Reynolds. Maxie is a SE Consultant with Social-Engineer, LLC. Her skills boast of not only being able to perpetually annoy Chris Hadnagy, but also performing pentests, while studying quantum computing. Maxie spoke on Personalities, Perceptions, and Persuasion, detangled luck from skill, and looked at what shapes our perceptions about one another.  

https://securityboulevard.com/

Ryan MacDougall gave his second speech of the day which was on SE Teaming vs. Red Teaming. His talk explored what SE Teaming is, and how it differs from Red Teaming. This talk was followed up by a second speech by Wayne Ronaldson, who highlighted the importance of these teams. His presentation, Enemy of the State discussed and demonstrated a sophisticated adversary seeking to target business intelligence using layered attack vectors to explain the impact of a real-word attack.  

Finishing up Track 2 for the day was Jeremy Dodson, Director of Technical Operations at Social-Engineer, LLC. His talk was Anatomy of a Red Team. Internal red teams can be a powerful tool for any company’s security posture. Jeremy’s talk helped the audience gain a better understanding of the benefits and limitations of an internal team. It also highlights why and when to seek an external red team service.   

https://securityboulevard.com/

Social Engineering Panel 

To end the first day of the HHC, we invited some of our Workshop Trainers to sit down with Chris Hadnagy for a series of lightning interviews. R Paul Wilson, Amanda Berlin, Nick Furneaux, Stephanie Paul, and Joe Navarro, each took turns answering questions and highlighting what to expect in their workshops. These lighthearted and captivating interviews became our attendees’ favorite part of the day.  

Highlights from this segment were:  

  • R Paul was the only guest to not get a hug from Chris, and he made sure to point that out  
  • Nick Furneaux related fun stories from holidays with Chris 
  • Stephanie Paul is the most energetic person while being interviewed 
  • Amanda Berlin is an amazing human being who created an entire foundation around mental health   
  • Joe Navarro is a captivating person and the audience members just absorbed everything he had to say. 

https://securityboulevard.com/https://securityboulevard.com/

https://securityboulevard.com/https://securityboulevard.com/

https://securityboulevard.com/https://securityboulevard.com/

Evening Event hosted by Deloitte 

Our evening event for Thursday was hosted by our ever-gracious sponsor, Deloitte. And, the staff and attendees were delighted to have “Pepper” the humanoid robot there. Pepper entertained the crowd by dancing, singing, taking selfies and more. Huge thank you to Deloitte for hosting the evening and bringing Pepper along!   

https://securityboulevard.com/

Friday – Vishing, Workshops, and Escape Rooms!  

Friday morning started off at 9 am with the Keynote Address being given by Chris Hadnagy. His theme was The Next Biggest Social Engineering Vector. While for many years we have focused on phishing as the main attack vector, vishing is closing ranks on becoming more dangerous than ever. To highlight this, Shelby Dacko, a professional visher with Social-Engineer, LLC joined Chris on stage for a live demonstration. Entering a soundproof booth, the same one we use for the SECTF, Shelby called a well-known transport company, Hertz. With just one phone call that lasted 10 minutes, she managed to gain 10 flags. It very quickly became evident why her nickname inside the company is “scary little human”. It also happens to be her Twitter handle.  

https://securityboulevard.com/

With everyone abuzz from what they had just witnessed, they went off to the very first Workshops at the HHC. Friday was the home of 4 different workshops that each attendee could choose from at the time of signup.  

Joe Navarro
Anyone who has met Joe knows that he is super humble. You would never know that he holds the amount of knowledge that he does. But those who took his workshop soon learned how much he had to offer. We had an overwhelming amount of people who responded to us saying that Joe’s workshop had changed their life.  

Joe served as an FBI special agent who specialized in behavioral assessment for 25 years. He has authored 13 books, one of which tells the story of how he successfully caught an international spy. (Seriously, check out Three Minutes to Doomsday, you won’t regret it!) Joe’s workshop on Nonverbal Communications highlighted how body language is used to assess what is said and what is being felt. One workshop attendee told us after taking Joe’s workshop, “The things Joe teaches are material and impactful because they are part of the human condition, interesting and, best of all, usable and actionable at work and in just everyday life, too.”  

https://securityboulevard.com/ 

Dov Baron 

Dov is not only a force to be reckon with, he is also an impactful human being. Everyone who met Dov was instantly attracted to his vibrant personality. Those who took his course felt that and more. Dov has been speaking internationally for more than 30 years on the evolving world of leadership. His work is so well known that is he is twice-cited as one of Inc. Magazine’s Top 100 Leadership Speakers. Beyond being a bestselling author of several books, he also led the workshop How to Thrive in the AI AGE! Leadership Skills in the Year 2030.  

Dov’s workshop focused on Human Dynamics and the hidden forces that drives all humans to achieve. With it being predicted that 40% of people will be replaced by automation in the next 15 years, Dov focuses on what to specialize in to thrive in the age of AI. He also focused on how to bond with anyone and grow the new bottom line of success.  

https://securityboulevard.com/
 

Nick Furneaux  

Nick is not only a life-long friend of the Social-Engineer family, but a well-respected expert on cyber security and digital forensics. For 25 years, Nick has consulted for companies and law enforcement institutions in the UK, Europe, the US and more. His specialties include advanced open source intelligence (OSINT) gathering techniques, Cryptocurrency crime, and RAM analysis. Nick also wrote Investigating Cryptocurrencies which is the only book in the world to teach cryptocurrency crime investigating techniques.  

Nick’s workshop was Can You Find the Toothbrush?, which had nothing to do with dental care. His class taught OSINT investigators to look beyond the obvious so that they could see intelligence that can easily be missed when researching online. The workshop provided not only practical methods that they could use to see the data behind the data, but also infer evidence that is missed by many researchers. One of our attendees that was in Nick’s class enthusiastically told us, “Nick’s class was AMAZING. He is so easy to listen to and is a very interactive trainer. He is the only teacher ever that has made me excited to learn something involving math!”  

https://securityboulevard.com/ 

R Paul Wilson

With titles like elite con artist, magician, and filmmaker, R Paul has done it all. Having executed more con games than anyone in history, he is the foremost expert in cons and scams. R Pauls experience has made him an expert of how con artists think and act when manipulating their victims. This is social engineering at its most powerful.  

R Paul came to the HHC to teach those who took his workshop how magicians and cheaters think. He taught how understanding deception can reveal countless strategies that can be applied to verbal and psychological manipulation. His workshop Dark Side of the Hand included expert deception using skill and sleight of hand. Attendees who took his class left saying, “It opens your mind up to both the practical possibilities and dealing with the expectation of your “audience” in any sense.”  

https://securityboulevard.com/ 

Social Engineering Panel – All Things Rapport  

As if the workshops weren’t enough for the day, there was another Social Engineering Panel planned for the day. Sitting down with Dov Baron, Robin Dreeke, and Brittney Caldwell, our host Chris Hadnagy interviewed them on social engineering and rapport. The conversation was enlightening to all as they learned how rapport fits into multiple aspects of life. One of our favorite moments from this panel was during a moment where Robin and Dov were discussing how rapport is used to develop strong relationships. Using the HHC as an example, they highlighted how Chris has been able to use rapport to not only form relationships with these experts in their fields but got them to all come together to form this incredible event. Our host may have shed a couple of tears hearing this, but he also might have just been chopping onions.  

https://securityboulevard.com/

Evening Event hosted by Living Security  

Our second evening event of the HHC was hosted by Living Security, who was also a sponsor. They create game changing experiences to help provide security awareness training. And when we say, “game changing”, we mean it! They brought two of their escape room games for our evening event. These escape rooms were fun and engaging for everyone.  

https://securityboulevard.com/ 

Saturday – More Joe, Workshops, and Closing Ceremonies  

Joe Navarro kicked off our Keynote Address on Saturday with The Five Things You Were Never Taught About Human Interaction. Following his sold-out workshop the day before, this Keynote gave everyone the ability to learn from Joe for themselves.  One of our attendees said about the information he learned from Joe, “Joe’s was excellent. After listening to him it has made people watching even more interesting.”  

  https://securityboulevard.com/

Saturday also offered 5 different Workshops that attendees were able to participate in 

Ian Rowland 

Ian is the foremost expert on Cold Reading and is famously known as “The Mind Man”. Helping people and companies to be more successful by teaching amazing, transformative mind skills that have practical benefits in life and in business. He’s the first and only person from outside the USA to be hired by the FBI and asked to teach cold reading and communicative skills to their field operatives.  

Ian’s workshop How To Be Psychic explained and demonstrated the art of “cold reading” (for those wondering it is, Ian describes it as how to talk to complete strangers so they think you’re psychic). Those attending were able to learn how to make confident statements about literally any aspect of someone’s life, even when you knew nothing about them. It also explained and demonstrated how some of these same communication techniques could be applied to other areas, such as business and sales. One of the SEVillage staff members said that since the Workshop, he has been “trying to decide how best to use Ian’s work in Vishing and Impersonation pretexts.” 

https://securityboulevard.com/

Stephanie Paul  

Stephanie is confident and takes great pride in her achievements. In the last 29 years of rich and diverse entertainment experiences has given her the ability to internally coach executives, sales teams, Tedx speakers and more. She also has an impressive resume of being an actress, stand up, sketch comedian, director, producer, writer, and public speaker.  

Her Workshop was called Caution: Using Influential Communication, Seduces Profound Connection. From the beginning, Stephanies workshop was highly entertaining, fun, and interactive. Before the workshop even started, our attendees remarked how she used music and other entertainment to get everyones energy up. From there Stephanie taught simple tools to help effectively navigate communication. She explained why the tricks she learned in the entertainment trade work in the real world and why they are so effective. She then empowered her audience and encouraged them to be innovative and shape engaging messages for maximum-effect.  

https://securityboulevard.com/

Robin Dreeke  

Robin is the CEO of People Formula and Behavioral Analysis Expert. He also helped Chris Hadnagy write the workbook for the Advanced Practical Social Engineering class. As a former FBI Special Agent and the Chief of the Counterintelligence Behavioral Analysis Program, Robin became passionate about the power of trust.  

Robin’s workshop, Code of Trust & Sizing People Up was based on Robin’s life work and his background. It taught the tools of rapid rapport and the craft of high-level trust. His students were able to gain a deeper understanding of the power of relationships and how those relationships are the corner stone to any progress and forward movement in every aspect of life.  

https://securityboulevard.com/

Brittney Caldwell 

Brittney is the owner of the The Vacation Theatre Group, a freelance actor, playwright and director. She also directs Social-Engineer, LLC’s Masters Level Social Engineering course. With 15 years of experience, Brittney believes in the power of performance as a teaching tool. Using her skills as an acting coach, Brittney helps facilitate specialized training for companies and individuals to improve their own training and presentation skills.  

Brittney’s Workshop, Acting like a Human: The Guide to Hacking Humans with Ease, used the same techniques that actors, like herself, use to help her students feel natural and easy in real life. She taught them how to have a greater awareness of themselves in all aspects, physically, vocally, mentally, and emotionally. One student related, “Brittney’s class really put a new perspective on how much we use nonverbals; Especially body placement and hand gestures. I felt that the way she taught, and how the lesson progressed, really showed how much of a difference our words can have when we use emphasis, contractions, context, and emotion.” 

https://securityboulevard.com/

Amanda Berlin 

Amanda is the Senior Security Analyst for Blumira and the CEO and owner of the 501(c)(3) nonprofit, Mental Health Hackers. Amanda has spent over a decade in different areas of technology and sectors providing infrastructure support, triage, and design.  

Amanda is no stranger to mental health. Having dealt with her own personal struggles for a time, she realized that she not only wasn’t alone, but that there were resources that can help others. Many may ask, why a mental health Workshop at a Human Hacking Conference? Because mental health affects all, even security professionals. Amanda’s workshop included group exercises and content from the Mental Health First Aid program. The students walked away with a better understanding of mental health issues and how to help those around them. One of students who took Amanda’s class remarked, Amanda touches on an important issue in our day and age, and especially in our field. She gave practical exercises to help you cope and how and when to seek help.”

https://securityboulevard.com/ 

Closing Ceremonies 

The final event of the HHC came too soon for all of us. Closing ceremonies was a dream come true for the Social-Engineer team. The discussion of having our own conference has been years in the making, so to finally be standing at the end of it was a momentous event. Chris Hadnagy spoke for the entire team and shared a slideshow highlighting the fun moments had by all. The night ended with good food, good whiskey, and friends sharing the last few moments of the Human Hacking Conference together

As we reflect on the HHC now, here are some of our favorite moments:

https://securityboulevard.com/   https://securityboulevard.com/   https://securityboulevard.com/https://securityboulevard.com/   https://securityboulevard.com/

https://securityboulevard.com/  https://securityboulevard.com/  https://securityboulevard.com/     https://securityboulevard.com/      https://securityboulevard.com/   https://securityboulevard.com/

The Future of the Human Hacking Conference  

With a successful first year, the Social-Engineer team is hard at work already planning our second Human Hacking Conference. We’re bringing back many of our Workshop Trainers from year Alpha and some exciting new additions! We’re already excited, and we hope that many of you will be able to join us! Want to know when? We can tell you! The dates are March 11-13 in Orlando, Fl! Follow us on social media to get all of the updates.  

All photos taken by: Amaya Hadnagy and Taylor Dodson
https://securityboulevard.com/

Sources:
www.sevillage.org

The post The Human Hacking Conference: Year Alpha appeared first on Security Through Education.

*** This is a Security Bloggers Network syndicated blog from Security Through Education authored by Social-Engineer.Org. Read the original post at: https://www.social-engineer.org/social-engineering/the-human-hacking-conference-year-alpha/





Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW