Matthew Flanagan

Our friends @cybliminal.com l have been ongoing supporters and with just over a week left, we wanted to throw another thank you their way. Big hugs to Matthew Flanagan and the Cybliminal crew for supporting our con!

Women of CrikeyCon 11 networking event Get tickets on Humanitix - Women of CrikeyCon 11 networking event. Venue provided after registering for a ticket!. Thursday 19th March 2026. Find event information.

Hey hey Women of CrikeyCon! Get your tickets for the networking event here:
events.humanitix.com/women-of-cri...

Come join Alex Tilley on stage as we're brought through lived experiences in "Real world management in the world of Bad Days". We're stoked to hear this one as no one wants to deal with, but everyone should be prepped to get through, a massively bad day.

First up on 21st March we have @ellearmageddon.bsky.social taking the stage. Elle's joining us with their talk "nothing we do matters (so it can’t hurt to try!)". Join us to see them at the RNA showgrounds, and get some much needed hope in these times!

We’ll be there again this year supporting these wonderful people ❤️‍🔥 I’m looking forward to seeing Elle Armageddon’s keynote.
If you spot us say Hi…we might just have some @cybergoodies.run t-shirts to give away.

Our schedule is up, and we're excited to announce our speaker @snyff.pentesterlab.com is joining us on stage with I DON'T LIKE THIS CODE!!! Get ready to walk through a series of real-world inspired code snippets with one minute to figure it out. Only question, will there be jeopardy music?

Thanks Crikey crew! It’s a great bunch of speaker you’ve got lined up this year. Can’t wait to see the! 😍

Wow!
We’re over 2/3 of the way through the tickets now, we’ll keep on selling til capacity or the day before, but merchandise pre-sales will end on Sunday as we have to finalise the order!
There will be some for sale on the day too but no guarantees on sizes....
Head to www.crikeycon.com

CFP and CFE has officially closed. We had a huge turnout, thank you so much for your time and effort to submit your ideas. Droppy & the Sleuth are busily reviewing and looking to get a response to everyone that submitted latest by the 21st.

Reach out if you have any questions!

Droppy & the Sleuth

New BSides Canberra IX look unlocked.

Blue tones, laser lines, and energy straight out of the grid.

Website updated, more to come.

CrikeyCon 11 (2026) Call for Presentations *** CFE CLOSES February 1 2026 *** Saturday March 21 2026 Royal International Convention Centre, Bowen Hills, Brisbane, QLD CrikeyCon is a community-led conference targeting those with an interest i...

Sunday when CFP and CFE closes, get your ideas in now!

CFP: docs.google.com/forms/d/e/1F...
CFE: docs.google.com/forms/d/e/1F...

We have had some awesome submissions already, but if you've got that talk up your sleeve or a great idea for a workshop or longer presentation then we're all ears.
Put your paw up to be part of the show!!

CrikeyCon 11 Brisbane hacker conference, run by the community for the community.

Happy New Year!

CrikeyCon 11 is three months away. Come join us in Brisbane on 21st of March for informal, welcoming, real knowledge sharing — from hard-won lessons, to clever demos and challenges, or testing fresh ideas. Grab your ticket: events.humanitix.com/crikeycon-11

Huge thanks to @infosectcbr.bsky.social who have returned as Gold Sponsors! Their contribution to the communities around us make us so proud to get their support and sponsorship. Many hugs, Droppy & The Sleuth

TROOPERS25: Finding Entra ID CA Bypasses - The Structured Way YouTube video by TROOPERS IT Security Conference

@_dirkjan and my joint talk at #TROOPERS25 is now available on YouTube.

"Finding Entra ID CA Bypasses - the structured way" @wearetroopers.bsky.social

youtu.be/yYQBeDFEkps

If you missed my talk at BSides Canberra you can catch up on it now on YouTube

Big shout out to @cybliminal.com our first silver sponsor this year! Massive hugs for the returning support; can't wait to see you out at the showgrounds.

BSides Canberra

Lots of DMs asking for BSides Canberra 2025 talks — they’ll be on YouTube in a month+ 🎥 Speakers are reviewing their sessions first, so stay tuned!

👉 youtube.com/@bsidescanbe...

Celebrating 10 years of amazing artwork for BSides Canberra! 🎨 Huge thanks to Sydney-based Aussie Glenno for bringing our logos to life. Real artists > AI every time.

www.instagram.com/glennoart?ig...

Thanks again to @bsidescbr.bsky.social for inviting me to present my research on living off the land on Palo Alto Networks firewalls as well as sharing new tools I’ve developed to creatively misuse 😜 firewall features for credential harvesting and port scanning.
Some great questions too!

Thanks again to @bsidescbr.bsky.social for inviting me to present my research on living off the land on Palo Alto Networks firewalls as well as sharing new tools I’ve developed to creatively misuse 😜 firewall features for credential harvesting and port scanning.
Some great questions too!

CTF early registration is now open! 🕹️
Get set up ahead of time so you’re ready to go when the CTF kicks off this Friday at BSides Canberra.

Register here: ctf.sk8boarding.dog

Just one week to go until I present the research from my “Panning for Gold: A Hacker’s Guide to Next Generation Firewalls” paper. Come along and listen to it at @bsidescbr.bsky.social if you’d like to up your post-exploitation game or learn how to better defend your environment.

For the record, Expel silently updated their blog post to replace bypass with downgrade for this attack

This year at BSidesCbr, both the Main Track and the Off-Main Track will run across all three days.

Main Track brings the big research, big ideas, and big names.
Off-Main features beginner-friendly talks, deep dives, and unexpected gems—streamed to four theatrettes.

Decoding Threat Actors: a Free Tool for Mapping Aliases and Taming the Name Game BSides Canberra 2025 Drowning in the chaos of Threat Actor aliases? Fancy Bear or Forest Blizzard? Wicked Panda or BRONZE ATLAS? And malware families? CageyChameleon or Cabbage RAT? Qakbot or Pinkslipbot? In this session...

"Decoding Threat Actors: a Free Tool for Mapping Aliases"
Fancy Bear or Forest Blizzard? Qakbot or Pinkslipbot?
Dave Matthews reveals a free tool to untangle the threat actor name game - linking aliases, malware families & public research.
cfp.bsidescbr.com.au/bsides-canbe...

Ding Dong The EDR is DEAD BSides Canberra 2025 Endpoint Detection and Response (EDR) is the watchdog running on your endpoint to detect and respond to threats in real-time. However, like other defenses, it is not a foolproof solution. In this talk...

"Ding Dong the EDR is DEAD"
EDR isn't invincible. Ayman Sagy walks through a real-world exploit against Palo Alto Cortex XDR - earning CVE-2024-8690 and a $2K bounty.
See how it was done.
cfp.bsidescbr.com.au/bsides-canbe...

Why Rust is Safe BSides Canberra 2025 C and C++ are awesome / terrible – they let you do whatever you want with pointers, resulting in all the tasty memory corruption vulnerabilities we know and love. Other languages impose a runtime or g...

"Why Rust is Safe"
Memory safety and C-level performance with no GC or runtime?
Ben Williamson breaks down how Rust’s ownership model delivers safety guarantees at compile time, making it fit for kernels, firmware, and more.
cfp.bsidescbr.com.au/bsides-canbe...

Reversing Bytecode into Bounties: Uncovering Vulnerabilities in Jira and Confluence Plugins BSides Canberra 2025 Whitebox assessments are like unlocking the entire game map, and it's totally up to you to decide what’s worth exploring. Understanding how to decompile apps and navigate them will equip you with the ...

"Reversing Bytecode into Bounties"
Jira and Confluence plugins can hide serious vulns, if you know where to look. Giuliana and Jamal from Atlassian will show you how to decompile, scan, and exploit like a pro.
Whitebox your way to bounties:
cfp.bsidescbr.com.au/bsides-canbe...

Why I am (still) finding secrets in your code BSides Canberra 2025 Despite the widespread availability of secret scanning tools, thousands of sensitive credentials continue to be exposed in popular open source ecosystems, a security blind spot that sparked my curiosi...

"Why I am (still) finding secrets in your code"
Despite all the secret scanning tools, sensitive creds are still everywhere. Luke Marshall shares how he's found exposed secrets across ecosystems, and helped secure 40+ orgs.
🔗 cfp.bsidescbr.com.au/bsides-canbe...