SureCloud logo
Request a demo Contact us Resources

1 pm- 11 August 2019 I Las Vegas

Our Principal Cybersecurity Consultant, Elliott Thompson, spoke at one of the world’s largest hacker conventions; DEF CON, which is held annually in Las Vegas. He discussed and demonstrated ‘MICASA-SUCASA,’ a tool that can automate the exploitation of hundreds of interfaces all at once.

Using a novel combination of redirects, Karma, JavaScript and caching, Elliott demonstrated that it’s viable to attack internal management interfaces without ever connecting to your network. Elliott’s presentation introduced not only the attack vector, but he also discussed the public release of the MICASA-SUCASA tool.

About Elliott

Elliott Thompson, one of SureCloud’s Senior Security Consultants, delivers on a variety of large and unusual pen-testing engagements. Elliott engages targets throughout Europe, Asia, and the Middle East through infrastructure testing and reverse engineering to physical, social engineering and red teaming. Elliott has also appeared on the BBC as a cybersecurity expert, is a CVE identifier, CHECK Team Leader and CREST Registered Tester.

Elliott is passionate about security and involved in various article pieces for Infosec Magazine, the BBC and the UK consumer watchdog Which?. Furthermore, last year Elliott discovered and disclosed an exploit on Android tablets, which allowed attackers full access to the device including access to the webcam, speakers and microphone. Watch the webinar here. 

About SureCloud

SureCloud also offers a wide range of Cybersecurity testing and assurance services, where we stay with you throughout the entire test life-cycle from scoping through to vulnerability discovery and remediation. Certified by the National Cyber Security Centre (NCSC) & CREST and delivered using the innovative Pentest-as-a-Service (underpinned by a highly configurable technology platform), SureCloud acts as an extension of your in-house security team and ensures you have everything you need to improve your risk posture.

 

Get Started with SureCloud