A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Attacking the Hospitality and Gaming Industries: Tracking an Attacker Around the World in 7 Years - Matt Bromiley & Preston Lewis GrrCON 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Attacking the Hospitality and Gaming Industries: Tracking an Attacker Around the World in 7 Years
Matt Bromiley & Preston Lewis
GrrCON 2016

@505forensics

As early as 2009, one particular financial attack group has been successfully stealing payment card data from the entertainment industry, to include casinos, that make the Oceans 11 movie franchise look like child?s play. This talk will walk through the earliest FIN5 compromises identified by Mandiant, showcasing the developmental evolutions of this attack group. We will cover attack techniques dating from 2009 to present day, and review the methodologies used to defeat security controls implemented to protect the enterprise and payment card data. Combining years of Mandiant investigations, we?ve collected timelines of compromise, FIN5 attack lifecycles, and public notifications of breaches affected by this group. Comparing that data against temporal data points, we will reveal an elaborate criminal infrastructure and a thorough understanding of the payment card ecosystem. While this attack group focuses on payment card data, the techniques leveraged by the attack group are applicable and relevant across all industries.

Back to GrrCON 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast