A winner of DEFCON’s wild spectator sport, the Social Engineering ‘Capture the Flag’ contest, she was also one of the first to correctly predict and unpack the infamous 2020 Twitter hack in real time while providing recommendations to the public to help other organizations avoid disastrous social engineering attacks in the future.
Speech Topics:
Hacking in the Age of AI: How AI, Voice Cloning, and ChatGPT Has Changed the Way We Hack
In the past year, we’ve witnessed a paradigm shift in hacking with the advent of powerful AI algorithms, AI voice-cloning capabilities, and the accessibility of ChatGPT. These AI innovations have revolutionized the way hackers operate, presenting both unprecedented challenges and opportunities for the cybersecurity community. Join us as we explore live AI hacking demonstrations, discuss the implications of these hacks on your organization, and how you can still catch these hackers in the act — even in the ever-changing landscape of cybersecurity.
How I Would Hack You: Live!
This live demo is one of Tobac’s most sought-after events. YOU pick a team member—ideally someone with a social media presence and a sense of humor! SHE will hack them LIVE—in-person or virtually—but with zero real-world consequences or harm to their social identity or your organization’s cyber security. As she hacks them, Tobac explains, step by step, what a real hacker would do, how they would do it and why you would be unlikely to see it coming. As the audience, you and your team get a chance to step into the shoes of a hacker and see spear phishing and other trending hacker techniques in action (but in a safe and controlled environment). It’s a fun and powerful way to make everyone on your team aware of the importance of cyber security while highlighting both the risks we face and the responsibilities we all have as individuals and organizations in the digital realm.
Inside the Mind of a Hacker
Have you ever experienced a strange email or phone call and wondered if you were being hacked? Rachel Tobac executes these attacks for a living! But she’s not a criminal, she’s a white hat hacker — launching successful social engineering attacks to train others on the up-to-date methods criminals use to gain access to your money, data, or systems, before the bad guys get there first. Rachel’s fun and fast-paced hacker stories from the field will arm you and your business with current examples of real attacks and the necessary skills, scripts, and best practices to catch hackers like her in the act with takeaways on protecting your firm’s valuable assets.
Exploiting Trust – The Human Element of Security
Security protocols are often built on trust — trust which is exploited by attackers like me. From email to phone communications, attackers study how to insert themselves within your trusted circle and protocols to leverage that trust against you. This keynote will dive into the anatomy of trust exploitation in real world social engineering attacks, walk through step-by-step examples of attacks happening during COVID-19, and the steps you can take to protect your data, money, security, and privacy from real world attackers, even during a global crisis.
Videos:
Bio:
Rachel Tobac is a hacker and the CEO of SocialProof Security where she helps people and companies keep their data safe by training and pentesting them on social engineering risks. Rachel was also 2nd place winner of DEF CON’s wild spectator sport, the Social Engineering Capture the Flag contest, 3 years in a row. Rachel has shared her real life social engineering stories with NPR, Last Week Tonight with John Oliver, The New York Times, CNN, NBC Nightly News with Lester Holt, and many more. In her remaining spare time, Rachel sits on the CISA Technical Advisory Council and is the Chair of the Board for the nonprofit Women in Security and Privacy (WISP) where she works to advance women to lead in the fields.