#steelcon — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #steelcon, aggregated by home.social.
-
#SteelCon is on again this year, June 10th-12th July in #Sheffield
Apparently tickets will be on sale from the 24th April
-
Managed to grab a #SteelCon ticket in today's drop, see you there!
-
Oops, I forgot one:
I also went to this talk at #SteelCon by Sam Maesschalck about OT.
No, not Operating Thetan, but #OperationalTechnology apparently, which basically means embedded systems etc for manufacturing and utilities etc. and what we can do to try and secure these old/insecure systems that were never supposed to be on the internet.... -
Next at #SteelCon was a talk about Threat Modelling, slides are available here: https://github.com/ajones17/TMT2025
They mentioned using the free Microsoft Threat Modelling software, available at https://aka.ms/tmt, and the various frameworks available:
STRIDE: https://www.microsoft.com/en-us/security/blog/2007/09/11/stride-chart/
PASTA: https://versprite.com/cybersecurity-listings/offsec/threat-models/
DREAD: https://download.microsoft.com/download/d/8/c/d8c02f31-64af-438c-a9f4-e31acb8e3333/Threats_Countermeasures.pdfOne interesting thing that makes sense, but I'd not really thought about, was that new supplier "offboarding" should be written at the same time as "onboarding" docs.
If nothing else, it should signal to the supplier that you have thought about an exit strategy. -
Next at #SteelCon I went to "Hacking Stripe Integrations to Bypass E-Commerce Payments" by Ananda Dhakal, who was part of the Nepal team of hackers that were assigned Stripe as a target of a 2023 competition.
They found some vulnerabilities.One was that you could basically edit the HTML to lower the postage rate to "0" and the system would accept it and honour the transaction 🤣
Next year they were assigned the same target and found more!
-
#SteelCon Adaora Uche - #Scams, #Sextortion and Snapchats: Keeping Gen-Alpha Safe in a Digital Wild West
Within 19 hrs of 1 guy in the US starting chatting with a sextorter on the Wizz app, he had killed himself. This was not the only example.
In the audience, someone from a school said they had a teacher disappear recently from a secondary school, and it turned out he was being investigated for being inappropriate with 20 kids from the school. She is dealing with the fallout with 6 of the children.
Someone else in the audience was sextorted, and was threatened with her parents and work being told. She bravely didn't give in to their demands.
A credit to her parents, they basically said "what is your point? we've seen her nude before" 🤣
She said it was an interesting talk with her employer, however 😢 -
At #Steelcon today and the swag is impressive for their 10th anniversary run
-
I had a good day at #Steelcon yesterday.
I joined the "Exploring Windows with PowerShell" workshop, and although I have used #PowerShell off and on for years, I still learnt loads.
There are some interesting code samples here: https://pastebin.com/u/guyrleech and here: https://github.com/guyrleechI also met some nice people, and am looking forward to some interesting talks today.
-
#SteelCon tickets are still available!
Anyone going from here?
I've just got my ticket and there are still some available: https://www.steelcon.info/2025-steelcon/tickets/I went a couple of years ago and it was good.
-
This year’s #steelcon run had 6 people turn up this time was super warm !
-
-
Excited to be back at #steelcon in Sheffield today after missing it for a few years.
-
Got this in my #steelcon goody bag can you tell who it is ?
-
-
Great to catch up with @CraigMarston at #Steelcon again this year