BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: You're Not George Clooney\, and This Isn't Ocean's E leven\n When: Friday\, Aug 11\, 12:00 - 12:45 PDT\n Where: Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories -\n On the Record - [1 ]Map\n\n SpeakerBio:Andrew "Spike" Brandt \, Principal Researcher at Sop hos\n X-Ops\n Andrew Brandt is a former investigative reporter turned network\n forensics investigator and malware analyst\, who serves as a P rincipal\n Researcher for Sophos X-Ops. Brandt has worked in information security\n since 2006 and\, prior to working in the industry\, covered it\n extensively as the security editor for PC World for nearly a decade .\n He has applied his knowledge about the behavior of malicious softwar e\n and threat actors to profile identifiable characteristics of\n und esirable or criminal activity\, specializing in attackers who target\n t he finance\, energy\, and government sectors. His analysis techniques\n seek to determine general principles that can help analysts and\n defend ers rapidly and comprehensively identify the root cause of\n infection a nd data loss\, putting real-time network data analysis at\n the front li ne of prevention.\n\n Description:\n One common thread runs through a recent wave of (initially\,\n successful) targeted malware attacks I've investigated: The attackers\n communicated with their targets\, personal ly\, using social engineering\n in real-time\, in order to lay the groun dwork for the rest of the\n attack to succeed. Throughout the course of several post-breach\n investigations\, it became apparent that -- for a certain kind of\n target and a particular class of attacker -- engaging the victim in\n direct conversation was far more effective at assuring t he target\n infected their computer than crafting a believable-looking " malspam"\n email that would "fool" the target into clicking a link or op ening a\n file.\n\n The attackers did not need to be charismatic for t he technique to\n succeed. In fact\, so long as the attacker "got into c haracter" and\n treated the interaction as a normal\, everyday event (fr om their\n perspective)\, the targets went along for the ride\, and in m any cases\,\n self-infected with malware that was capable of snooping th rough their\n most sensitive files. In this session\, we'll discuss both the social\n engineering and technical aspects of the attacks\, and why this\n combination of tactics is particularly dangerous and hard to def end\n against.\n\n REFERENCES\n Brandt\, Andrew. “Tax Firms Targeted by Precision Malware\n Attacks.” Sophos X-Ops Blog\, So phos News\, 13 Apr. 2023\, [2]news.sophos.com/en-us/2023/04/13/tax-firms-t argeted-by-precision-malware-attacks/\n @x86matthew. “EmbedExeLn k - Embedding an EXE inside a LNK with\n Automatic Execution.” [ 3]www.x86matthew.com\, 22 Apr. 2022\, [4]www.x86matthew.com/view_post?id=e mbed_exe_lnk\n\n '\n\n 1. #Harrahs\n 2. news:news.sophos.com\n 3. http://www.x86matthew.com/\n 4. http://www.x86matthew.com/view_post?id=e mbed_exe_lnk\n\n\n DTEND:20230811T194500Z DTSTART:20230811T190000Z LOCATION:DC - Harrah's - Nevada Ballroom - Lake Tahoe & Reno - War Stories - On the Record SUMMARY:You're Not George Clooney\, and This Isn't Ocean's Eleven END:VEVENT END:VCALENDAR