About The Speaker

vulncon2024@vulncon:~
speaker
Nitesh Surana
Senior Threat Researcher w/ Trend Micro
vulncon
vulncon2024@vulncon-[~]
cat ~/talk-title
From Code To Crime: Exploring Threats In GitHub Codespaces
vulncon
vulncon2024@vulncon-[~]
cat ~/talk-category
Technical Speaker
vulncon
vulncon2024@vulncon-[~]
cat ~/talk-abstract

The talk revolves aroun Cloud-based development environments like GitHub Codespaces which offer flexibility for developers to work from any device with internet access. However, their openness has led to exploitation by attackers, resulting in malicious campaigns leveraging Codespaces for developing, hosting, and exfiltrating stolen information. This presentation will explore typical methods of abuse by threat actors, showcasing DeltaStealer variants and revealing insights into developers' identities through artifacts like debug symbols with Practical recommendations for configuring cloud-based IDEs securely and proactively.

vulncon
vulncon2024@vulncon-[~]
cat ~/speaker-bio

Nitesh Surana is a Senior Threat Researcher with Trend Micro where he specializes in cloud vulnerability & security research. He has been in the top 100 MSRC Most Valuable Security Researchers in 2023 for his submissions to Microsoft via the Zero Day Initiative. He has presented across conferences such as Black Hat USA, HackInTheBox, HackInParis, Nullcon, c0c0n, Security BSides, NDC Oslo and OWASP/Null Bangalore meetups. Apart from playing with packets and syscalls, Nitesh is found attending concerts and writing/playing music.