I had a great time presenting to the @bsidesmelbourne.bsky.social crowd on the weekend. Thanks to the crew and volunteers for running such a welcoming, vibrant conference, with a great selection of talks! Big ❤️ to Edwina Richards for the photos! #BSidesMelb2026 #WontSomebodyPleaseEatTheFruit

I'm excited to announce I'll be taking the stage at @bsidesmelbourne.bsky.social 16-17 May 2026 at SEEK HQ in Cremorne. I'll be presenting Panning for Gold: A Hacker's Guide to Next Generation Firewalls on how attackers can exploit FW features and weaknesses to increase the impact of a compromise.

What do you do when you find yourself the new owner of Kubernetes config during a pentest? Find out the answer, and more with Finn Foulds-Cook during his talk on Saturday - "Help I got a k8s config?"

Our friends @cybliminal.com l have been ongoing supporters and with just over a week left, we wanted to throw another thank you their way. Big hugs to Matthew Flanagan and the Cybliminal crew for supporting our con!

Hey hey Women of CrikeyCon! Get your tickets for the networking event here: events.humanitix.com/women-of-cri...

Come join Alex Tilley on stage as we're brought through lived experiences in "Real world management in the world of Bad Days". We're stoked to hear this one as no one wants to deal with, but everyone should be prepped to get through, a massively bad day.

First up on 21st March we have @ellearmageddon.bsky.social taking the stage. Elle's joining us with their talk "nothing we do matters (so it can’t hurt to try!)". Join us to see them at the RNA showgrounds, and get some much needed hope in these times!

We’ll be there again this year supporting these wonderful people ❤️‍🔥 I’m looking forward to seeing Elle Armageddon’s keynote. If you spot us say Hi…we might just have some @cybergoodies.run t-shirts to give away.

Our schedule is up, and we're excited to announce our speaker @snyff.pentesterlab.com is joining us on stage with I DON'T LIKE THIS CODE!!! Get ready to walk through a series of real-world inspired code snippets with one minute to figure it out. Only question, will there be jeopardy music?

Thanks Crikey crew! It’s a great bunch of speaker you’ve got lined up this year. Can’t wait to see the! 😍

Wow! We’re over 2/3 of the way through the tickets now, we’ll keep on selling til capacity or the day before, but merchandise pre-sales will end on Sunday as we have to finalise the order! There will be some for sale on the day too but no guarantees on sizes.... Head to www.crikeycon.com

CFP and CFE has officially closed. We had a huge turnout, thank you so much for your time and effort to submit your ideas. Droppy & the Sleuth are busily reviewing and looking to get a response to everyone that submitted latest by the 21st. Reach out if you have any questions! Droppy & the Sleuth

New BSides Canberra IX look unlocked. Blue tones, laser lines, and energy straight out of the grid. Website updated, more to come.

Sunday when CFP and CFE closes, get your ideas in now! CFP: docs.google.com/forms/d/e/1F... CFE: docs.google.com/forms/d/e/1F...

We have had some awesome submissions already, but if you've got that talk up your sleeve or a great idea for a workshop or longer presentation then we're all ears. Put your paw up to be part of the show!!

Happy New Year! CrikeyCon 11 is three months away. Come join us in Brisbane on 21st of March for informal, welcoming, real knowledge sharing — from hard-won lessons, to clever demos and challenges, or testing fresh ideas. Grab your ticket: events.humanitix.com/crikeycon-11

Huge thanks to @infosectcbr.bsky.social who have returned as Gold Sponsors! Their contribution to the communities around us make us so proud to get their support and sponsorship. Many hugs, Droppy & The Sleuth

@_dirkjan and my joint talk at #TROOPERS25 is now available on YouTube. "Finding Entra ID CA Bypasses - the structured way" @wearetroopers.bsky.social youtu.be/yYQBeDFEkps

If you missed my talk at BSides Canberra you can catch up on it now on YouTube

Big shout out to @cybliminal.com our first silver sponsor this year! Massive hugs for the returning support; can't wait to see you out at the showgrounds.

Lots of DMs asking for BSides Canberra 2025 talks — they’ll be on YouTube in a month+ 🎥 Speakers are reviewing their sessions first, so stay tuned! 👉 youtube.com/@bsidescanbe...

Celebrating 10 years of amazing artwork for BSides Canberra! 🎨 Huge thanks to Sydney-based Aussie Glenno for bringing our logos to life. Real artists > AI every time. www.instagram.com/glennoart?ig...

Thanks again to @bsidescbr.bsky.social for inviting me to present my research on living off the land on Palo Alto Networks firewalls as well as sharing new tools I’ve developed to creatively misuse 😜 firewall features for credential harvesting and port scanning. Some great questions too!

Thanks again to @bsidescbr.bsky.social for inviting me to present my research on living off the land on Palo Alto Networks firewalls as well as sharing new tools I’ve developed to creatively misuse 😜 firewall features for credential harvesting and port scanning. Some great questions too!

CTF early registration is now open! 🕹️ Get set up ahead of time so you’re ready to go when the CTF kicks off this Friday at BSides Canberra. Register here: ctf.sk8boarding.dog

Just one week to go until I present the research from my “Panning for Gold: A Hacker’s Guide to Next Generation Firewalls” paper. Come along and listen to it at @bsidescbr.bsky.social if you’d like to up your post-exploitation game or learn how to better defend your environment.

For the record, Expel silently updated their blog post to replace bypass with downgrade for this attack

This year at BSidesCbr, both the Main Track and the Off-Main Track will run across all three days. Main Track brings the big research, big ideas, and big names. Off-Main features beginner-friendly talks, deep dives, and unexpected gems—streamed to four theatrettes.

"Decoding Threat Actors: a Free Tool for Mapping Aliases" Fancy Bear or Forest Blizzard? Qakbot or Pinkslipbot? Dave Matthews reveals a free tool to untangle the threat actor name game - linking aliases, malware families & public research. cfp.bsidescbr.com.au/bsides-canbe...

"Ding Dong the EDR is DEAD" EDR isn't invincible. Ayman Sagy walks through a real-world exploit against Palo Alto Cortex XDR - earning CVE-2024-8690 and a $2K bounty. See how it was done. cfp.bsidescbr.com.au/bsides-canbe...

"Why Rust is Safe" Memory safety and C-level performance with no GC or runtime? Ben Williamson breaks down how Rust’s ownership model delivers safety guarantees at compile time, making it fit for kernels, firmware, and more. cfp.bsidescbr.com.au/bsides-canbe...

"Reversing Bytecode into Bounties" Jira and Confluence plugins can hide serious vulns, if you know where to look. Giuliana and Jamal from Atlassian will show you how to decompile, scan, and exploit like a pro. Whitebox your way to bounties: cfp.bsidescbr.com.au/bsides-canbe...

"Why I am (still) finding secrets in your code" Despite all the secret scanning tools, sensitive creds are still everywhere. Luke Marshall shares how he's found exposed secrets across ecosystems, and helped secure 40+ orgs. 🔗 cfp.bsidescbr.com.au/bsides-canbe...

"Bitsquatting dot gov.au domains" Ever blamed cosmic rays for DNS weirdness? Matt Belvedere explores a year of bitflip data in .gov.au traffic, digging into real-world bitsquatting and unexpected system-to-system auth. cfp.bsidescbr.com.au/bsides-canbe...

"DarkEngine – Researching a Global Phishing Campaign" nullifysecurity breaks down a large-scale phishing op that compromised 2,350+ WordPress sites via fake CAPTCHA lures. cfp.bsidescbr.com.au/bsides-canbe...

"Behind the Curtain of Dark Web and Cybercrime Operations" Join Alexander Wilczek as he reveals insights from a 4-year investigation into how cybercriminals move and launder money - using OSINT, blockchain tools, and strong OPSEC. cfp.bsidescbr.com.au/bsides-canbe...

I’m incredibly excited to be accepted by @bsidescbr.bsky.social to present my research on Next Gen Firewalls. I can’t wait to get up there for the first time to share it with you all!

Justin's talk title speaks for itself: “Well well well, if it isn’t the consequences of my own actions” - the time I got in the middle of 100,000 Linux machines and their LVFS firmware updates and then somehow bypassed the fwupd PGP signature checking

Open source sits at the base of the software supply chain. Fraser talks about how critical it is for open source to establish security response teams and infrastructure. Listen to the experiences learned from bootstrapping and leading the Haskell security response team.

We're a week away and we wanted to say another big thank you to our sponsors. This year Cybliminal has joined us as a Silver sponsor! Big thanks to Cybliminal #crikeycon

Come learn with Kelsy how to develop your cyber team as trustworthy within an org, rather than a compliance function, and how increasing levels of perceived legitimacy may allow security teams to further leverage employees as practical and informed resources!

Jumping on stage we have Simbo who will be talking all things SIEM in the talk "SIEM-less security; Panacea or placebo". Join us March 22 to see this talk and more at CrikeyCon. Get your ticket here: events.humanitix.com/crikeycon-x

We're excited to announce we have Georgia back on stage with us to present 'Hacking Minds not machines: How meetings not malware can compromise your controls'!

Hey cyber people, Cybliminal have a ticket to @crikeycon.bsky.social X on 22nd March in Brisbane to giveaway. DM us if you are keen to attend.

Colby joins us on stage to talk Cyber security exercises D&D style. Get emersed through his talk on building scenarios and narrative, supporting player agency, and keeping things flowing in Tabletops & Dragons. #crikeycon

Next up we have Zane on stage to dive into the anatomy of credential attacks, exploring how attackers exploit stolen credentials, bypass defences, and leverage automation to maximize their success. Does MFA work, how well, and what else can you do in 'Credential Stuffing Unmasked'?

This year NTT is supporting our Women of CrikeyCon event on 20th March. Women of CrikeyCon provide a chance for attendees identifying as women, friends, and the wider community to meet before CrikeyCon to promote diversity and inclusion. Register here: events.humanitix.com/crikeycon-x-...

Exciting times! We have now published the events and presentation schedule for CrikeyCon X next week! crikeycon crikeycon.com/schedule/ Workshops will be running on the day too - we'll send out details and registration forms to ticket holders soon...

Less than 4 weeks to go till @crikeycon.bsky.social X! Woot! Check out our updated website for events, and speakers TBA announced soon. www.crikeycon.com

The Decipher Bureau crew are back both as Silver sponsors and running our CrikeyConnect. With massive experience recruiting for the cyber security industry, come grab a refreshment and get some tips on what’s happening in the job market.