Have you been looking for tips on how to upgrade your next cyber investigation? This session will cover the eight fundamental questions you should ask and provide guidance on communicating the indisputable facts of an incident rather than opinions. No One Is Entitled to Their Own Facts, Except in Cybersecurity? Presenting an Investigation Handbook to Develop a Shared Narrative of Major Cyber Incidents Security Guidance, Policies, and Standards: These researchers will explore whether the same efforts are invested in the operation security of these campaigns. OopsSec: The Bad, the Worst, and the Ugly of APT’s Operations SecurityĪdvanced Persistent Threat (APT) groups invest in developing their arsenal of exploits and malware to stay below the radar and persist on target machines for as long as possible. This period of abundance is teaching us a great deal about the effects attackers can and cannot have during military operations and what we should realistically expect in an era of hybrid warfare with cyber components. Before this, nation-state wiper malware was relatively rare. The latest wiper was used to attack satellite modems with suspected spillover into critical infrastructure in Western Europe. Real ‘Cyber War’: Espionage, DDoS, Leaks, and Wipers in the Russian Invasion of Ukraineįrom the beginning of 2022, we have dealt with at least seven strains of wiper malware targeting Ukraine. Panelists will explore how Venezuelan leftist organizations are driving social media narratives in support of current leftist Colombian presidential candidate and former M-19 revolutionary member, Gustavo Petro.
This session will cover Nisos researchers’ discovery of a prolific disinformation campaign during Colombia’s May 2022 elections. The Growth of Global Election Disinformation: The Role and Methodology of Government-linked Cyber Actors It also provides a higher-level analysis of the attackers’ modus operandi and discusses why and how the attack was mostly unsuccessful. This talk covers the technical details behind the reverse engineering of Industroyer2 and compares it against the original. Industroyer2: Sandworm’s Cyberwarfare Targets Ukraine’s Power Grid Again Attendees can expect to learn how enterprises can strategically balance MITRE ATT&CK techniques, sub-techniques, and procedures to maximize their test plans and minimize cost, gaining the key confidence that procedural variation offers while staying true to threat intelligence and keeping budget in mind. This talk will explore how enterprises can create an efficient and effective MITRE ATT&CK test plan. This talk will unmask ways in which ongoing operations by advanced persistent threats based in different countries (North Korea and Iran) are using recruitment themes to compromise victims. Talent Need Not Apply: Tradecraft and Objectives of Job-themed APT Social Engineering Grounded in robust psychological theory and interwoven with social engineering practice, it is a way to manage human vulnerability rather than just uncover it.
#HIJACK DEFCON MOD#
This is the “Malicious Floorwalker” exercise, an impactful behavioral intervention designed and delivered by the UK MOD Cyber Awareness Behaviors & Culture team. Cyber Threat!” – A Psychological Approach To Managing the Fail-to-Challenge Vulnerability And even better, we’ve made it easy for you to navigate them by topic! Our security practice at Merritt Group has put together some of the top talks, workshops, and sessions to attend. With Black Hat and DEF CON kicking off in Vegas this week, there’s no better time than the present to highlight some of the hot trends and topics to catch while you’re at the show - in person or virtually.
0 kommentar(er)
