Speakers

In a SOC, triaging alerts generated by Deployed Security products is a tier 1 job for an analyst. The threat intel, analysis and defences (security products) use different severity, message for the same incident, which complicates the security Analyst’s job in Alerts Triage. MITRE has simplified the work of security Analyst and Security Managers with the new ATT&CK Framework. Industry-wide acceptance of the MITRE ATT&CK Framework has enabled security product vendors to integrate it into their product line. MITRE ATT&CK Framework also enables the security vendors to evaluate their products against various TTPs as used by an adversary in an attack chain. In this session, we would like to go through how MITRE ATT&CK Framework will enable security Analyst to act fast and correlate the different Alerts to single Attack Chain and let's see in doing so if we identify any campaign activity. Fun times threat hunting with a common language.

In a SOC, triaging alerts generated by Deployed Security products is a tier 1 job for an analyst. The threat intel, analysis and defences (security products) use different severity, message for the same incident, which complicates the security Analyst’s job in Alerts Triage. MITRE has simplified the work of security Analyst and Security Managers with the new ATT&CK Framework. Industry-wide acceptance of the MITRE ATT&CK Framework has enabled security product vendors to integrate it into their product line. MITRE ATT&CK Framework also enables the security vendors to evaluate their products against various TTPs as used by an adversary in an attack chain. In this session, we would like to go through how MITRE ATT&CK Framework will enable security Analyst to act fast and correlate the different Alerts to single Attack Chain and let's see in doing so if we identify any campaign activity. Fun times threat hunting with a common language.

TIndustry 4.0 touts many advantages, savings and efficiencies Abstract: and is being hailed as one of the next big things. But, at what cost? Every technological evolution comes with rewards and risks, and what gets lost behind the buzzwords are the things we should consider and worry about.

This session presents how the industrial environment is merging with the IT environment, and highlights the many issues arising from such mergers. From competing mental models, equipment lifecycle to the very definition of security itself. This session aims to enlighten the audience on the various issues they’d encounter in their road to implement industry 4.0.

In this talk, I will discuss the current fraud landscape. I will cover how buy-online-pickup-In-store (BOPIS) concept are being taken advantage by fraudsters or the card-not-present (CNP) fraud that is now on the rise. Of course, a quick look on return-policy abuse, gift card scam, fraud rings, underground fraud forums and a host of other frauds and scams will also be tackled.

I will also deal on laws and regulations that could affect current state of fraud like the latest Payment Service Directive (PSD2) on requiring strong customer authentication (i.e. MFA authentication). In addition, discussion on how mundane policy changes like the use randomized SSN enable fraudsters to use (manufactured) synthetic identity is causing problems to fraud detection companies.

From the perspective of e-commerce merchants and business owners, the growth of fraud coupled with the high level of friction and/or false card decline that their customers are experiencing is already affecting their bottom line. As study shows, falsely rejected card is 13x more costly than the actual fraud itself.

Finally, a quick glimpse on how fraud & transaction security companies are addressing the current problems and how the use of AI/ML in this field, just like in other industry, is changing the fraud landscape.

Whether it involves taking over a car’s steering controls or Abstract: proving that children’s toys are spying on them, hackers love to share their latest IOT hacks. But the media has amplified the stories even more, creating dangerous myths around these technologies. While Miraibased attacks have been successful, cybercriminals have yet to heavily monetize IOT vulnerabilities outside the business model of extortion and DDOS attacks.

This presentation shares insights about what IoT attacks will look like 2-3 years from now. Through research into online cybercriminal forums, we have determined what level of interest and possible criminal opportunities there may be for IoT-specific attacks. Our research covers current IoT trends in cybercriminal undergrounds forums for Arabic, Japanese, English, Russian, Portuguese, and Spanish languages.

Find out which devices cybercriminals are most interested in hacking. Discover what they are thinking in terms of attacking existing IoT infrastructure. Finally, before IoT attacks become the norm, we will explain the challenges LEA and forensic professionals should be aware of in order to better protect their organizations.

Telecom networks should be considered as a backbone for many Abstract: industries including Finance, Hi-Tech, Hospitality and Government. And in our research into the cyber-underground has consistently shown it as a unique place where many things, including pretty sensitive PII, financial transactions, electronic copies of documents are freely traded. That is why telecommunication companies, their infrastructures and services are often targeted by underground actors.

This presentation will be focused on services related to attacks and abuses of telecom networks offered on the cyber-underground forums. We walk through examples and case studies which cover different type of cyber-criminal activities including: voice and SMS DoS attacks on sensitive phone numbers, Calls, SMS landing and interception, customised tools like special versions of SIM Cards, Phones and 4G routers, location tracking, call and SMS records of the subscribers, and much more. In the conclusion we will discuss, how transition to the 5G world will affect the threat landscape and provide recommendations and suggestions for telecom companies and their customers how to deal with these threats.

Today’s cyber-attacks are designed to evade detection. They are complex, stealthy, and often built specifically for its target. And while there is no such thing as 100% protection against attacks, being able to detect and respond to them as soon as possible helps prevent minimize their impact. In this session, an Incident Response Analyst from the Trend Micro Managed X Detection and Response (MxDR) team will discuss the evolution of traditional incident respose to incident response done through MxDR.