Intro

• Matt(hew) Lucas (soon to be Lucas-Clarke once I start updating things)
• Member of an internal Red Team from April 2024, opinions etc my own
• ex-MWR/F-Secure/WithSecure 2020-2024, UK team lead for Attack Path Mapping for ~1 year
• Oxford Physics MPhys 2020, don’t ask me to remember any physics
• Aethelmatt is because I find the old Anglo-Saxon Aethelred/Aethelstan/Aethelwald names aesthetically pleasing

Public work

• Methods of Lateral Movement using Windows OpenSSH, presented at SEC-T 2023 and BSides Cambridge 2023
• Performing and Preventing Attacks on Azure Cloud Environments through Azure DevOps and the companion piece Detecting Attacks against Azure DevOps
• The Azure DevOps pieces were accurate at the time, but since cloud is so fast-moving I’d recommend cross-checking anything I’ve said there with more recent work/MS docs; I don’t work there any more so I personally won’t get to update that blog as MS moves on. Most recent piece I’m aware of is Brett Hawkins’ whitepaper.

Stay tuned for…

• Things! I’ll hopefully be posting more research/doing more conference talks in future, watch this space.