DeepSec 2023 Talk: Adding Intelligence into a Security Program – Catalin Curelaru

Sanna/ October 6, 2023/ Conference/ 0 comments

Cyber threat intelligence has become a critical security area for organisations trying to defend against threat actors. It is slowly making the shift from a buzzword to an actionable true program. But how confident are you as a security professional that you are moving in the right direction? Should a CTI program heavily focus on the APTs and ransomware groups, or could the focus be elsewhere? The following presentation will walk you through an APT case, present some key prioritizations on what is relevant at a specific time for a CTI program and evolve as time goes on. A reference case can be found online. We asked Catalin a few more questions about his talk. Please tell us the top 5 facts about your talk. APTs, Pandas, Bears, Visma Security Program, Cyber Threat Intelligence

Read More

DeepSec 2016 Talk: Social Engineering The Most Underestimated APT – Hacking the Human Operating System – Dominique C. Brack

Sanna/ October 5, 2016/ Conference, Security

Social Engineering is an accepted Advanced Persistent Threat (APT) and is going to stay according to Dominique C. Brack of the Reputelligence, Social Engineering Engagement Framework (SEEF). Most of the high-value hacking attacks include components of social engineering. Understanding the behind the scene methods and approaches of social engineering will help you make the world a safer place. Or make your attack plans more successful! Social Engineering is a topic that does not really fit into technical hacking and is also underestimated by security professionals. There are no tools or hardware you can buy to prevent Social Engineering attacks. But Social Engineering is an APT to be taken seriously, because most attacks consist partly of it and its attack execution and prevention needs training and skills. Social Engineering has progressed and professionalized more than you think. It is disastrously effective.

Read More