Jump to navigation Jump to content

Speaker

Tom Jøran Rønning

Tom Jøran Rønning

Internal penetration tester at Statnett. Security Researcher.

Oslo, Norway

Actions

20+ years work experience with infrastructure, 10+ years with Security and 30+ years of programming.

Links

Area of Expertise

  • Information & Communications Technology

Topics

  • Penetration testing
  • Living off the land
  • Evading Antivirus
  • Bypassing Firewall

Sessions

Ghost in the Wires

An attacker can do stealthy lateral movement around the network, exploiting misconfigurations and even IOT-devices, doing reconnaissance, privilege escalation and gathering credentials, all by executing simple commands/scripts and using built-in tools; and without being detected.

This talk will show all of this through multiple technical demos, and may make you realize that there might be "visitors" in your infrastructure that you haven't been able to detect.

Scope: On-prem AD

Technical level 300-400
Preferred session duration 1 hour
First public delivery the 4th of May at Palo Alto Networks Tech Summit 2023, Oslo.

Events

Kraftcert Forum

May 2024

Palo Alto Tech Summit Norway 2024

"Ghost in the Wires"-talk.
Technical demonstration that show multiple techniques that attackers can use to exploit vulnerabilities, escalate privileges and move laterally, without being detected.

April 2024 Oslo, Norway

HackCon

"Ghost in the Wires"-talk.
Technical demonstration that show multiple techniques that attackers can use to exploit vulnerabilities, escalate privileges and move laterally, without being detected.

February 2024 Oslo, Norway

Security Workshop at The Norwegian Water Resources and Energy Directorate (NVE)

"Ghost in the Wires"-talk.
Technical demonstration that show multiple techniques that attackers can use to exploit vulnerabilities, escalate privileges and move laterally, without being detected.

November 2023 Oslo, Norway

NIC Cloud Connect 2023 Sessionize Event

November 2023 Oslo, Norway

Smart Grid Forums Cybersecurity Week 2023

Session Title: "Conducting unannounced penetration testing to understand how hackers can bypass your detection systems"
* Demonstrating system vulnerabilities and the limitations of compliance to raise awareness of threat actors’ methodologies and capabilities
* Developing scripts to bypass detection systems, conducting reconnaissance, and looking for credentials to show practical paths that can be used to exploit vulnerabilities
* Understanding how risk assessment, compliance and configuration need to be improved, and detection algorithms hardened to mitigate threat

May 2023 Amsterdam, The Netherlands

Tom Jøran Rønning

Internal penetration tester at Statnett. Security Researcher.

Oslo, Norway

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top