BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: The Richest Phisherman in Colombia\n   When: Friday\
 , Aug 12\, 12:10 - 12:30 PDT\n   Where: LINQ - BLOQ (SkyTalks 303) - [1]Ma
 p\n   Speakers:Matt Mosley\,Nick Ascoli\n\n   SpeakerBio:Matt Mosley\n   M
 att Mosley is a security professional with 30+ years experience in\n   var
 ious technical and executive roles\, former UNIX sysadmin and\n   software
  engineer\, and reformed grey hat hacker who wears his original\n   “I m
 iss crime” shirt proudly. In his current role as Chief Product\n   Offic
 er and CISO of security startup PIXM\, Matt guides the company’s\n   pro
 duct and security strategy and manages several functional teams.\n   Matt 
 has held the CISSP\, CISM and CISA credentials since the mid 90s\n   and h
 as spoken on security topics many times over the years\, from\n   large au
 diences at RSA to local ISSA meetings. Matt believes that\n   security sta
 rts with the basics that most companies fail to get right\,\n   and would 
 be happy to debate the merits of the principles in the\n   orange book vs 
 your need for the latest XDR/SOAR/ABCDXYZ product. He\n   is still waiting
  for the right opportunity to avenge his team’s\n   finals loss in Hacke
 r Jeopardy during Defcon 5.\n\n   SpeakerBio:Nick Ascoli\n   Nick Ascoli i
 s the founder and CEO of Foretrace\, an External Attack\n   Surface Manage
 ment (EASM) solution. Prior to starting Foretrace\, Nick\n   was a Cyber R
 esearch Scientist and Consultant with Security Risk\n   Advisors and has p
 ublished several open-source tools including\n   pdblaster and TALR. Nick 
 has been a speaker at Blackhat Arsenal\, SANS\,\n   and B-Sides conference
 s on SIEM\, Recon\, and UEBA topics.\n   Twitter: [2]@kcin418\n\n   Descri
 ption:\n   Adversaries have increasingly been leveraging completely legiti
 mate\n   3rd party web hosting products to circumvent traditional domain\n
    reputation analysis engines\, and successfully get their phishing pages
 \n   in front of their victims. Using these third party services also\n   
 offers them a great opportunity to limit the exposure of their own\n   inf
 rastructure\, offering a great OPSEC advantage. However\, in one\n   inves
 tigation\, a few breadcrumbs left in the adversaries code led us\n   down 
 a rabbit hole to slowly uncovering the person behind what is\n   perhaps t
 he largest Facebook credential harvesting campaign ever\n   investigated (
 over 100 million potentially impacted at the time of\n   this submission).
 \n\n   In this talk\, we will follow the breadcrumb trail left by a threat
 \n   actor\, demonstrating how we pieced together the shocking scale of\n 
   their credential harvesting and malversating operation. From comments\n 
   in their code\, to their various online identities\, to accessing their\
 n   infrastructure - we will walk through our investigation into a wanted\
 n   Colombian Cyber Criminal.\n\n   '\n\n   1. https://defcon.outel.org/co
 nsolidated_page.html#Linq\n   2. https://twitter.com/kcin418\n\n\n
DTEND:20220812T193000Z
DTSTART:20220812T191000Z
LOCATION:SKY - LINQ - BLOQ (SkyTalks 303)
SUMMARY:The Richest Phisherman in Colombia
END:VEVENT
END:VCALENDAR