BSides Cheltenham 2025 - A cyber security event not to be missed!
Forrest Caffray
#BSidesChelt
It’s the 18th July 2025 and I have embarked on my wee trip to Cheltenham. Having been there once before I was a little acquainted with the town. All thanks to Hack The Box of course! They host CTF (Capture the Flag) events there which have been a really nice way to network and meet new folks. It wasn’t too long ago that I attended my first in-person CTF there and everyone was so welcoming. I have unfortunately missed some of the more recent events but looking forward to future CTF’s.
Back to BSides… A huge thanks to Charlie for hooking me up with a ticket to attend! I missed out on grabbing a ticket as I was solely looking at the Eventbrite page and the tickets are not up for long when the appropriate phase is pushed out! I completely missed the fact that there is a dedicated website, LinkedIn page and all sorts of other digital webtasticals. I was a little late to the party there but Charlie came in swinging - he really didn’t have to so I am very much in a pit of appreciation.
Arriving into Cheltenham I was already keeping my eye for the all famous, all powerful “donut” on the GPS. I didn’t see it, but I knew it was there. One day I shall visit, one day.
The Premier Inn hotel was so well positioned, the town is a delight to walk around and I had a nice wee evening exploring the urban town with such deep historic roots in cyber and government shenanigans.
Up early and ready to rock and roll. Good morning Cheltenham! Continental breakfast down, a brisk walk to the town hall was in order.
Who knows what’s been conspired in the old town hall, today however, was the day of BSides Cheltenham 2025. I was not so sure what to expect from the event.
A goody-bag you say? Sure! Walking in to main part of town hall - a perfect opportunity to have a peak at some of the swag. The heavy duty coin is by far my favourite, mmmm donuts.
We got to meet the 2025 Committee, lovely bunch of folks. Charlie had welcoming us all in and it was time to kick things off with the first Focus Talk of the day.
Ollie Whitehouse is the CTO of the UK’s National Cyber Security Centre. He has an extensive career in the Cyber Space and it shows! He gave us a great talk outlining the shape of Cyber Security in the modern era and beyond. How adversaries are advancing, the dangers we face, the challenges to overcome and questions we must ask ourselves. He came across as humble and well versed in his path. The presentation was like an open question to the audience, what are we doing with AI, Encryption, State actors, APT’s, Defense and how do we control it and is it possible we are just stumbling into something completely out of our control. How does this change the landscape? So many areas were covered and I really enjoyed the first Focus Talk - upon reflection I should have taken notes, but at the time, I had no idea I would later create a blog.
Joe Tidy stepped up on stage with a brisk energy and charisma that was well suited to the stage. He is the Chief BBC Cyber Correspondent and now Author. Having done my research pre-Bsides I had already ordered and read his new book - Ctrl+Alt+Chaos. I have to admit that with a lot non-fiction I tend to skim through and slow down when I find something interesting but with this publication I chose to slow down and deep read the title and I have to say, it was worth it. Books like these are good reads if you don’t already know about teenage hacking - I certainly didn’t. I haven’t been much of a general “news” guy so even all the big hacking events were unknown to me (I am more immersed in today’s events - thanks techmeme). Lots of information on the history and culture of teenage hacking (and hacking in general), early groups, the progression of the internet, the rise of social media, changing motivations, crypto and the rise of malicious intent. Key events were covered and to my surprise the darker events were described and made present. I won’t go into all the details, but it will certainly bring you up to speed on what has happened, what is happening and what might happen - and why. Many of the books highlights were covered on stage and it was interesting having a point of reference to it having already read the book. He did add some details about what’s happened between publication and the current day. It was a good talk, good job Joe Tidy!
There were talks in parallel to Joe Tidy, from
John Gilbert (Watt’s Going On? Threats Facing UK Energy Infrastructure)
David Lacey (Zero Trust: Yesterday, Today and Beyond).
Ilana Wisby was up next with her talk on “What Really Matters: A Crash Course in Our Next 10 Years”. I missed a little but when walking in I witnessed some kind of unnerving AI talking about what sounded like the dystopian future we don’t want - a future Ollie also touched on. I often find myself thinking about the future and our technological capabilities. Humans and Technology have this ever present deep relationship that doesn’t stop for anything. I tip into optimism about our future and it was fascinating hearing Ilana’s take on it. She spoke about emotional intelligence, how important this could be in building our future in cooperation with Agentic AI, General Artificial Intelligence and other models. She spoke about the previous revolutions, how we can learn from them and apply them to the one that’s already started. Adaptability and change were key takeaways. Her talks on Encryption and Quantum Computing were a little scary but something well worth pondering on. I never really put the two together. The advent of Quantum Computing is upon us, with that comes unprecedented compute power - enough to break even the trickiest of Encryption algorithms like SHA256 - a standard in our industry. If all our private data is breakable and no longer private, then what? The looming Q Day edges closer. She presented with a lightness and air that delivered heavy notions with ease. Thank you Ilana.
Other talks around this time:
Juxhin & Ian Muscat (Hunting Evil Domains using Content-Agnostic Techniques)
Valentino Duval (Threat Hunting the Node Package Manager)
Tom Ellson & Sunny Chau (TokenFlare: Payload-less Initial Access Leveraging Cloud Workers & Conditional Access Bypass)
James Burns (Boulevard of Broken Scopes: How Can we Reinvent Pentesting for the Greater Good?
Are you hungry? Because I am after all those delightful Focus Talks. Boy oh boy was I in for something juicy! There was cheeseburgers, pizza, curries, mac ‘n’ cheese and steak. For anyone who knows me, the steak was a no brainer. Granted there was a bit of a queue, absolute worth it and free! Juicy slabs of steak on a warm bread with some kind of fancy sauce did the trick before going back inside.
There was a talk from Joshua Limbrey (A Crash Course on Lattices and How They’re Building the future of Cryptography) that I missed but I did step in to the talk from Brandon Toews, Lilly Vladova and Robbie Smith (DarkCiruit: Cybersecurity Education Assisted by Agentic AI Systems).
Agentic AI is the new hype! “Basic” LLMs (Large Language Models) are a thing of the past! Agentic AI promise that familiar relationship that we now have with AI but with extra extraness. Where they differ is Agentic AI can take actions. Imagine a vision enabled AI that can see your Desktop. With “it” being able to see, it has the ability now to control your mouse and keyboard, click on things, search for things and perform tasks. This is something I haven’t tried yet, only read about it’s capabilities from different sources. DarkCircuit follows in these sorts of steps however is somewhat unique. Having the AI integrated with Hack The Box, the AI acts as a sort of middle-man. Sharing a terminal with the AI, you can paste in questions on HTB and it can take control of the shared Terminal inputting commands as it sees fit. It’s trained off specific material that is likely beyond my understanding, targeting the AI towards common Tactics, Techniques and Procedures. It was quite insightful for me as a self-learner that you can at a whim, ask the AI to just “get the flag” and it will magically use the terminal and execute your bidding. Whilst this is very effective, or appeared so, it doesn’t lend itself well to learning - at least I’m not so sure about it. Another option is to run each command, step by step. This seems more effective, however I would still do everything manually afterwards until it sticks. This seems like the perfect tool for when you are carrying out a task that is just too hard, it breaks state of flow and it’s just too far out there. I think this technology has a lot of potential and it was cool seeing the demo. We still need to remember though, that we have to perform the tasks from our own brains, to fully comprehend everything and really add value to our jobs and responsibilities. I enjoyed the talk, asked some questions at the end and found out that the AI is available to demo out and at the moment only works with HTB.
I missed all the following talks: (I’ll explain myself ok)
Daniel Darby (Live and Let Glitch: Breaking the AirTag in Real Time (heard good things about this one).
Tommy Charles (Resisting the Quantum Threat to Cryptograhy from the Hardware Security Foundation Up!)
Ian Thornton-Trump, Dan Card & Sophia McCall (Infosec Influencers: Plague or Profit?)
Ben Folland (Compromising Threat Actor Communications) - I believe this is the “Ben” I spoke to later.
Leo & Maya Czarska (We Tested the Top 50 Ransomware: Here’s What We Learned!)
Hannah Evenden-Morley, Sam B, Charlie M, Cara Ainsley-Bridger & Toby Davenport (Behind the SOC: Inside Scripe OLT)
Tasha Armstrong-Godwin (Chrome Alone: How Extensions Sneak Past Your Defences)
Rich Hanstock (Sleep 90D; Hack the Planet: Responsible Disclosure and Legal Risk)
Simeon Quarrie, David Rushmer & Autumn Bamford (Rethinking the Threat Landscape: From AI to Quantum Security)
Jamie Friel (How to Hack a Quantum Computer)
Darlington Okeke (Detecting the Undetectable: A Heuristic-Based ML Framework for Trojan Malware)
Ok so how exactly did I miss all these? LOCKSPORT.
I got tangled up in the world of locksport. I decided to have a wee look in the main hall at what they setup over lunch. There were so many fun things. I just so happened to make my first pit stop at this random table over-encumbered in locks, picks and all manner of “stuff?”. I was greeted by a big bearded chap who was gracious enough to give me a quick low-down on what I was trying to achieve with the 2 little pick apparatus and a lock. At first it seemed intriguing and difficult. After some struggle and prying, somehow, I got my first hit! Just like that, it unlocked and I was a bit taken aback by it. It’s a similar feeling to trying all sorts of different tactics to get that “flag”, only physical and tangible. This was fun, I moved onto the next, then the next and finally onto what seemed like the Dark Souls boss to end it all. At least for the day. Yes, I did spend too long on this lock and yes, I never did get it unlocked. I learned they had a Locksport club in Bristol and if I lived closer, I would check it out. It’s a great way to just chill, have a chat and keep your hands busy with something. While sitting I met a bunch of new folks, including some Scots that had travelled all the way down for the event! Unexpected and welcome. I learned so much about their careers, got advice and just a great wee crowd.
I had opportunities to speak to a young chap about meshtastic transceivers - something I had a wee look at on the internet some time ago. Quite interesting devices, fully off-grid text based communication using DIY hardware devices, often 3D printed and put together manually.
I grabbed a raffle ticket and had a look at the Wi-Fi cracking. We tend to use WPA, WPA2 and WPA3 to secure our Wi-Fi networks these days but many moons ago WEP was common place. I haven’t looked at Wi-Fi cracking for a long time so I am incredibly rusty but these age-old devices were vulnerable. A couple of lads were giving it ago. One had a mighty Framework 16, while another went ultra-portable with one of those mini GPD devices. They were having a bit of a battle getting in, not that I could help much. I think at this point Charlie was thinking about enabling WPS on the devices, something else that’s not very secure. It was a good wee chat and the Framework dude was using Ubuntu which is now what I’m using to type this blog out. It looked really neat and I haven’t touched Ubuntu in a very long time (every time I looked at it, something is just too broken to really use). However, right at this moment of typing, I’ve got it setup pretty nicely, full hardware support on Ubuntu 25.04 - I like it! I do see a lot of distro-hopping in the future, but that just seems like a very natural adventure to have when dipping ones toes into Linux. Yay!
I had a wee chat with Kai from KSEC. I hadn’t come across KSEC before but they have all the gadgets and gizmos you could desire. It was a great wee chat, I remember asking him “What’s it like working for KSEC?”. With his response telling me it’s his company! I think I definitely could have bought a bunch of stuff. There was devices that could run scripts from USB, analyse wireless signals, attack Wi-Fi, lock picking, all sorts. Give KSEC a lookup on the web.
The South West Police Regional Cyber Crime Unit was there and I had a good old chat with the chap that was representing them. We talked about the current state of the police, the challenges of cyber crime, likely prospects, how the UK positioned itself in this space and encouraging youngsters to use their cyber skills for good. I enjoyed that chat, in between talking, someone else joined us for some questions - Josh.
Josh is the key to the inception of this blog that you are currently reading. He came with some heavier styled questions and so I was interested in what field he was working in and for whom. With some good conversing I asked him if he had any advice for graduating from self-learning to getting an actual job - he suggested I started to blog everything. Write about my experiences, projects, findings, write-ups and consolidate it all. That is exactly what I am going to do with this space. I’m really excited. Josh had oodles of enthusiasm and introduced me to Ben who I think did a talk earlier. He also suggested the same thing and had great success himself.
I knew what I needed to do!
Time was escaping me and it was about that time to close the show down and make the big announcement - where was the after party?
Everyone gathered up to wrap up the days events, winners of the HTB CTF and PWNDEFEND Scavenger Hunt were announced - I wish I had the time check them out! Raffle winners were announced, some really cool items - not me this time but congrats to those who won!
Big thanks to all the Sponsors of the event:
SILVER: Microsoft, HackTheBox, cytix, Validato, CORETECH, hexiosec, VulnCheck and Digital Intelligence (BAE SYSTEMS)
BRONZE: IOActive, haveibeensquatted?, GOLDEN VALLEY, Stripe OLT and DEFENDLABS
I want to make a little mention to CORETECH who I had a nice chat about vulnerable Wi-Fi routers & hardware and how they are teaching people about their systems and vulnerabilities. I spoke to HTB and had a good chat about certs and the hacking culture and Microsoft - they had so many cookies. Yeah.
That’s about as much as I could pack into the event, it was a great events, lots to do and see. Great crowd of people and I am looking forward to the next one, as well as eyeing up some of the other local BSides events.
The day went to night and we all went out, drinks were had, chats were chatted, food was consumed - super yummy and memories made.
The next morning I found myself having another continental and ready to leave.
Thanks everyone for such a good time, the organizers, the sponsors and all those who decided to show up!
BSides Cheltenham - a sweet time in a cyber space.
:)
Subscribe to my newsletter
Read articles from Forrest Caffray directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by
Forrest Caffray
Forrest Caffray
I spend my days studying cyber security. I am a happy self-learner looking to expand my knowledge and have fun with CTF's and such. I like meeting new people and I'm looking for work.