Matthew Flanagan
@mattimustang.com
Director and Principal Cyber Security Consultant @cybliminal.com
Reposted by Matthew Flanagan
Big shout out to @cybliminal.com our first silver sponsor this year! Massive hugs for the returning support; can't wait to see you out at the showgrounds.
November 15, 2025 at 10:21 PM
Reposted by Matthew Flanagan
Lots of DMs asking for BSides Canberra 2025 talks — they’ll be on YouTube in a month+ 🎥 Speakers are reviewing their sessions first, so stay tuned!

👉 youtube.com/@bsidescanbe...
October 3, 2025 at 8:55 PM
Reposted by Matthew Flanagan
Celebrating 10 years of amazing artwork for BSides Canberra! 🎨 Huge thanks to Sydney-based Aussie Glenno for bringing our logos to life. Real artists > AI every time.

www.instagram.com/glennoart?ig...
October 3, 2025 at 10:16 PM
Thanks again to @bsidescbr.bsky.social for inviting me to present my research on living off the land on Palo Alto Networks firewalls as well as sharing new tools I’ve developed to creatively misuse 😜 firewall features for credential harvesting and port scanning.
Some great questions too!
September 29, 2025 at 7:22 AM
Reposted by Matthew Flanagan
CTF early registration is now open! 🕹️
Get set up ahead of time so you’re ready to go when the CTF kicks off this Friday at BSides Canberra.

Register here: ctf.sk8boarding.dog
September 23, 2025 at 10:04 PM
Just one week to go until I present the research from my “Panning for Gold: A Hacker’s Guide to Next Generation Firewalls” paper. Come along and listen to it at @bsidescbr.bsky.social if you’d like to up your post-exploitation game or learn how to better defend your environment.
I’m incredibly excited to be accepted by @bsidescbr.bsky.social to present my research on Next Gen Firewalls. I can’t wait to get up there for the first time to share it with you all!
"Panning for Gold - A Hacker's Guide to Next Generation Firewalls"
What happens when a firewall stops being the defence and becomes the foothold?
@mattimustang.com explores real-world tactics for abusing NGFWs: credential theft, mapping, lateral movement.
cfp.bsidescbr.com.au/bsides-canbe...
September 20, 2025 at 9:17 AM
Reposted by Matthew Flanagan
For the record, Expel silently updated their blog post to replace bypass with downgrade for this attack
-New phishing technique bypasses FIDO keys
-Surveillance vendor deploys new SS7 exploit
-South Korea's largest insurance provider gets ransomed
-Europol take down NoName057 servers
-Australia to create a cyber reserves force

Podcast: risky.biz/RBNEWS453/
Newsletter: news.risky.biz/risky-bullet...
July 20, 2025 at 8:32 AM
Reposted by Matthew Flanagan
This year at BSidesCbr, both the Main Track and the Off-Main Track will run across all three days.

Main Track brings the big research, big ideas, and big names.
Off-Main features beginner-friendly talks, deep dives, and unexpected gems—streamed to four theatrettes.
July 17, 2025 at 5:28 AM
Reposted by Matthew Flanagan
"Decoding Threat Actors: a Free Tool for Mapping Aliases"
Fancy Bear or Forest Blizzard? Qakbot or Pinkslipbot?
Dave Matthews reveals a free tool to untangle the threat actor name game - linking aliases, malware families & public research.
cfp.bsidescbr.com.au/bsides-canbe...
Decoding Threat Actors: a Free Tool for Mapping Aliases and Taming the Name Game BSides Canberra 2025
Drowning in the chaos of Threat Actor aliases? Fancy Bear or Forest Blizzard? Wicked Panda or BRONZE ATLAS? And malware families? CageyChameleon or Cabbage RAT? Qakbot or Pinkslipbot? In this session...
July 17, 2025 at 11:25 PM
Reposted by Matthew Flanagan
"Ding Dong the EDR is DEAD"
EDR isn't invincible. Ayman Sagy walks through a real-world exploit against Palo Alto Cortex XDR - earning CVE-2024-8690 and a $2K bounty.
See how it was done.
cfp.bsidescbr.com.au/bsides-canbe...
Ding Dong The EDR is DEAD BSides Canberra 2025
Endpoint Detection and Response (EDR) is the watchdog running on your endpoint to detect and respond to threats in real-time. However, like other defenses, it is not a foolproof solution. In this talk...
July 17, 2025 at 11:32 PM
Reposted by Matthew Flanagan
"Why Rust is Safe"
Memory safety and C-level performance with no GC or runtime?
Ben Williamson breaks down how Rust’s ownership model delivers safety guarantees at compile time, making it fit for kernels, firmware, and more.
cfp.bsidescbr.com.au/bsides-canbe...
Why Rust is Safe BSides Canberra 2025
C and C++ are awesome / terrible – they let you do whatever you want with pointers, resulting in all the tasty memory corruption vulnerabilities we know and love. Other languages impose a runtime or g...
July 17, 2025 at 11:36 PM
Reposted by Matthew Flanagan
"Reversing Bytecode into Bounties"
Jira and Confluence plugins can hide serious vulns, if you know where to look. Giuliana and Jamal from Atlassian will show you how to decompile, scan, and exploit like a pro.
Whitebox your way to bounties:
cfp.bsidescbr.com.au/bsides-canbe...
Reversing Bytecode into Bounties: Uncovering Vulnerabilities in Jira and Confluence Plugins BSides Canberra 2025
Whitebox assessments are like unlocking the entire game map, and it's totally up to you to decide what’s worth exploring. Understanding how to decompile apps and navigate them will equip you with the ...
July 18, 2025 at 1:11 AM
Reposted by Matthew Flanagan
"Why I am (still) finding secrets in your code"
Despite all the secret scanning tools, sensitive creds are still everywhere. Luke Marshall shares how he's found exposed secrets across ecosystems, and helped secure 40+ orgs.
🔗 cfp.bsidescbr.com.au/bsides-canbe...
Why I am (still) finding secrets in your code BSides Canberra 2025
Despite the widespread availability of secret scanning tools, thousands of sensitive credentials continue to be exposed in popular open source ecosystems, a security blind spot that sparked my curiosi...
July 18, 2025 at 1:55 AM
Reposted by Matthew Flanagan
"Bitsquatting dot gov.au domains"
Ever blamed cosmic rays for DNS weirdness? Matt Belvedere explores a year of bitflip data in .gov.au traffic, digging into real-world bitsquatting and unexpected system-to-system auth.
cfp.bsidescbr.com.au/bsides-canbe...
July 18, 2025 at 4:49 AM
Reposted by Matthew Flanagan
"DarkEngine – Researching a Global Phishing Campaign"
nullifysecurity breaks down a large-scale phishing op that compromised 2,350+ WordPress sites via fake CAPTCHA lures.

cfp.bsidescbr.com.au/bsides-canbe...
DarkEngine: Conducting Research into a Highly Orchestrated Phishing Campaign BSides Canberra 2025
In June 2025, CyberCX released a report on a highly orchestrated phishing campaign targeting popular WordPress hosting platform WP Engine, dubbed “DarkEngine”, which led to the compromise of at least ...
July 18, 2025 at 6:00 AM
Reposted by Matthew Flanagan
"Behind the Curtain of Dark Web and Cybercrime Operations"

Join Alexander Wilczek as he reveals insights from a 4-year investigation into how cybercriminals move and launder money - using OSINT, blockchain tools, and strong OPSEC.

cfp.bsidescbr.com.au/bsides-canbe...
Behind the Curtain of Dark Web and Cybercrime Operations BSides Canberra 2025
A four-year investigation into cybercriminal financial operations. Following the money, examining how threat actors generate, transfer, and launder illicit proceeds. Including the operational security...
July 18, 2025 at 6:02 AM
I’m incredibly excited to be accepted by @bsidescbr.bsky.social to present my research on Next Gen Firewalls. I can’t wait to get up there for the first time to share it with you all!
July 18, 2025 at 1:36 AM
Reposted by Matthew Flanagan
Justin's talk title speaks for itself: “Well well well, if it isn’t the consequences of my own actions” - the time I got in the middle of 100,000 Linux machines and their LVFS firmware updates and then somehow bypassed the fwupd PGP signature checking
March 16, 2025 at 11:55 PM
Reposted by Matthew Flanagan
Open source sits at the base of the software supply chain. Fraser talks about how critical it is for open source to establish security response teams and infrastructure. Listen to the experiences learned from bootstrapping and leading the Haskell security response team.
March 16, 2025 at 9:53 PM
Reposted by Matthew Flanagan
We're a week away and we wanted to say another big thank you to our sponsors. This year Cybliminal has joined us as a Silver sponsor! Big thanks to Cybliminal #crikeycon
March 17, 2025 at 3:00 AM
Reposted by Matthew Flanagan
Come learn with Kelsy how to develop your cyber team as trustworthy within an org, rather than a compliance function, and how increasing levels of perceived legitimacy may allow security teams to further leverage employees as practical and informed resources!
March 14, 2025 at 6:48 AM
Reposted by Matthew Flanagan
Jumping on stage we have Simbo who will be talking all things SIEM in the talk "SIEM-less security; Panacea or placebo". Join us March 22 to see this talk and more at CrikeyCon.

Get your ticket here: events.humanitix.com/crikeycon-x
CrikeyCon X
Get Tickets on Humanitix - CrikeyCon X hosted by Droppy & The Sleuth. Royal International Convention Centre (Royal ICC), 600 Gregory Terrace, Bowen Hills QLD 4006, Australia. Saturday 22nd March 2025....
March 15, 2025 at 3:11 AM
Reposted by Matthew Flanagan
We're excited to announce we have Georgia back on stage with us to present 'Hacking Minds not machines: How meetings not malware can compromise your controls'!
March 16, 2025 at 7:56 AM
Reposted by Matthew Flanagan
Hey cyber people, Cybliminal have a ticket to @crikeycon.bsky.social X on 22nd March in Brisbane to give away. DM us if you are keen to attend.
March 14, 2025 at 9:00 AM