Presented at
RVAsec 2018,
June 8, 2018, 10:10 a.m.
(50 minutes).
This presentation will cover the various pieces of intelligence that can be collected from each stage of a phishing attack (lure, phishing site, phish kit) and discuss how each piece allows us to progress an investigation. We will look at various analytical techniques that can be performed to track phishing campaigns and enhance detection. The second half of the presentation will cover an in-depth, real-world case study of the practical application of these techniques, starting with a single phishing lure and ending with the identification of a primary phishing threat actor.
Presenters:
-
Crane Hasshold
- Phishlabs
Crane Hassold is the Director of Threat Intelligence at PhishLabs based out of Charleston, SC, where he oversees the Research, Analysis, and Intelligence Division (RAID). Prior to joining PhishLabs, Crane served as an Analyst at the FBI for more than 11 years, providing strategic and tactical analytical support to cyber, financial crime, and violent crime cases. For most of his career with the FBI, Crane worked in the Behavioral Analysis Units in Quantico, Virginia, where he provided analytical and behavioral support to intelligence community and law enforcement partners against national security adversaries and serial criminals. In 2012, Crane helped create the FBI’s Cyber Behavioral Analysis Center, which takes an asymmetric approach to examining cyber threats by combining the traditional behavioral concepts used for decades in the violent crime world with technical expertise to gain a holistic understanding of adversary TTPs.
Links:
Similar Presentations: