Better Phishing through Smarter Infrastructure

Presented at Kernelcon 2020 Virtual, March 28, 2020, 1:30 p.m. (60 minutes).

These days, everyone is looking for the phish that is either a generic drive-by or a more targeted campaign, such as a weaponized ransomware attack. Blue teams are smarter, instrumentation is smarter, and detection capabilities have advanced; especially in enterprise networks. Further, set aside all of the click-through/pre-manufactured commodity phishing security awareness services for a moment. The real question, what happens when adversaries aren’t so brazen with their tactics and take smarter steps to counter detection? Pre-emptive strike campaigns that are both innocuous (almost forgettable) to glean target details before the real attack, the correct tooling to prevent prying defenders from reaching the command and control redirectors or malware servers, blacklists and whitelists, domain registration misdirection, and quite possibly peering into the void of the vast amounts of signal-to-noise honeypot data trawling the Internet while using it to become more situationally aware. The operators at STACKTITAN will discuss all of these topics and how proprietary tooling has helped shift their perspective on effective phishing techniques. Additionally, REAL mitigation techniques will be discussed to better prepare organizations to defend against these attack campaigns. In conclusion, the presentation will be informative with plenty of opportunity for collaborative discussion.


Presenters:

  • Chris Patten - StackTitan
    Chris Patten does all the same, but not as well as Dan.
  • Dan Kottmann - StackTitan
    Dan Kottmann is a wrangler of bits, co-founder of Stacktitan, co-author of Black Hat Go, and roots for the team of red.

Links:

Similar Presentations: