WINDOWS GOLD MINING!

Wed, 10/12/2022 - 10:48 — mancini
Date: 
Wednesday, October 26, 2022
Location: 
Online, video conference
Time: 
3:00 PM - 5:00 PM

Title: Windows Gold Mining! 

Speakers:

  • Federico Lagastra, 1st Lieutenant of the Army Signals Branch, assigned to the Cybersecurity Unit of the Italian Army Signals Command.
     
  • Davide Tarantino, Officer of the Engineers' Corps, assigned to the C5I Systems Branch of the Army General Staff - Army C4 Command.

Affiliation: Italian army. 

Biographies: 

  • Federico Lagrasta is a 1st Lieutenant of the Army Signals Branch, currently assigned to the Cybersecurity Unit of the Italian Army Signals Command. After graduating from the Italian Air Force Military School, he joined the Army as an Officer Cadet of the 196th Officers Course of the Military Academy in 2014. Promoted 1st Lieutenant in 2019, he was assigned to the 3rd Signals Regiment where he served as a Platoon Commander and Company Deputy Commander until September 2020, when he was reassigned to the newly formed Cybersecurity Unit as Company Deputy Commander. He has a Masters's Degree in Strategic Sciences and a 2nd Level Master's in Intelligence and ICT.
     
  • Lieutenant Davide Tarantino graduated in Computer Engineering and achieved a 2nd Level Master's degree in Manufacturing 4.0 at Politecnico di Torino. He worked as Data Analyst and technical focal point for Digital Finance Analytics at General Electric Aviation. During this period, he was an accountant training technical and non-technical employees on digital and statistics topics with a specific focus on non-relational data lake infrastructure and predictive algorithms. In January 2020, he joined the Italian Army as an Officer of the Engineers' Corps and was assigned to the C5I Systems Branch of the Army General Staff - Army C4 Command.

Description: Like other operating systems, the security model of the Windows OS is a complex tangle of different concepts and mechanisms which, as is always the case when it comes to cyber defence and offence, is often a target of offensive research. In this talk, we will explore the workings of the authentication mechanism of the aforementioned OS and dive deep into the techniques attackers use to exploit it in order to harvest credentials and implant backdoors. The goal is to provide the audience with the necessary technical knowledge to fully understand both offensive techniques, which a penetration tester or a red teamer can use, and state-of-the-art mitigations, which a systems engineer or a blue teamer may deploy.

Registration: Please note that this event is open only to Sapienza students. 
Participation is free. However, registration is required on Eventbrite at the following link: "Windows Gold Mining!" 

Related content: Students can access the slides and recording at this link