Cyberattacks are one of the most prevalent threats to organizations today. Understanding how cybercriminals operate has never been more essential for businesses and governments looking to defend themselves. In this session, we will learn first-hand the tools, techniques and thought processes of today's real-world threat actors like OceanLotus/APT32 and how you can thwart them. The session will include a live demonstration of some of the ingenious social engineering hacking techniques that adversaries are now using to breach endpoint defenses, breaking each down and explaining how they work and why they're successful. We will examine various types of fileless threats ranging from strictly memory-resident payloads to malware that merely avoids storing malicious executables on-disk. We will also examine the difference between living-off-the-land attacks and multi-stage advanced threats, which include some fileless elements with the attack chain.
- Understand why organizations need to bolster their defenses amidst a new world of work in which millions of people are working remotely.
- Learn the secrets behind today's most nefarious threat actors.
- Learn how to reproduce common adversarial hacking methods in your own environment to not only test your own defenses, but also your people.
Technical Level: Medium