BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Cloud Threat Actors: No longer cryptojacking for fun
  and\n   profit\n   When: Friday\, Aug 12\, 14:55 - 15:45 PDT\n   Where: L
 INQ - BLOQ (SkyTalks 303) - [1]Map\n\n   SpeakerBio:Nathaniel Quist\n   Na
 thaniel Quist is a Principal Researcher working with Palo Alto\n   Network
 s Unit 42 and Prisma Cloud teams on researching the threats\n   facing pub
 lic cloud platforms\, tools\, and services. He is actively\n   focused on 
 identifying the threats\, malware and threat actor groups\n   that target 
 cloud environments.\n\n   Nathaniel has worked within Government\, Public\
 , and Private sectors\n   and holds a Master of Science in Information Sec
 urity Engineering\n   (MSISE) from The SANS Institute\, where he focused o
 n Network and\n   System Forensics\, Malware Reversal\, and Incident Respo
 nse. He is the\n   author of multiple blogs\, reports\, and whitepapers pu
 blished by Palo\n   Alto Networks’ Unit 42 and Prisma Cloud as well as t
 he SANS InfoSec\n   Reading Room.\n\n   Twitter: [2]@qcuequeue\n\n   Descr
 iption:\n   Threat actors have elevated their attacks against cloud enviro
 nments\n   through the direct targeting and usage of Identity and Access\n
    Management (IAM) resources. Successful attacks not only expose the\n   
 wider customer cloud environment workloads but also expose a\n   defender'
 s inability to successfully track the total scope of the\n   incident usin
 g only a single cloud visibility tool. I have been\n   tracking the evolut
 ion of cloud targeted threats and the threat actors\n   behind them\, what
  I have found is that actors who target cloud\n   environments have begun 
 to use techniques that are solely unique to\n   cloud environments. So muc
 h so\, that the Unit 42 threat intelligence\n   team and I found it necess
 ary to define these actors as Cloud Threat\n   Actors. ""An individual or 
 group posing a threat to organizations\n   through directed and sustained 
 access to cloud platform resources\,\n   services or embedded metadata.""\
 n\n   In this talk\, we will guide the audience through the first-ever Clo
 ud\n   Threat Actor Index detailing the targeting cloud environments\, who
  are\n   behind these attacks\, how they are targeting and leveraging tech
 niques\n   unique to cloud environments\, and most importantly how poorly 
 defined\n   IAM identities open the biggest holes. We will also give the a
 udience\n   the knowledge needed to properly harden their cloud environmen
 ts by\n   illustrating how the most successful cloud-targeted attacks have
 \n   occurred. IAM is the first line of defense in your cloud\, knowing ho
 w\n   attackers target and leverage IAM resources to evade detection is th
 e\n   best tool we have to properly defend your entire cloud infrastructur
 e.\n\n   '\n\n   1. https://defcon.outel.org/consolidated_page.html#Linq\n
    2. https://twitter.com/qcuequeue\n\n\n
DTEND:20220812T224500Z
DTSTART:20220812T215500Z
LOCATION:SKY - LINQ - BLOQ (SkyTalks 303)
SUMMARY:Cloud Threat Actors: No longer cryptojacking for fun and profit
END:VEVENT
END:VCALENDAR