A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


How I Inadvertently Outsourced My IT Job to a Fancy Bear - Tim MalcomVetter (ShowMeCon 2017) (Hacking Illustrated Series InfoSec Tutorial Videos)

How I Inadvertently Outsourced My IT Job to a Fancy Bear
Tim MalcomVetter
malcomvetter
ShowMeCon 2017
http://www.showmecon.com

As I plan this talk, Twitter can,t seem to shut up about Russian hackers and Fancy Bears, except perhaps long enough to talk about organizations paying to remove ransomware off of everything from mass transit systems to Android Smart TVs. Current events remind me of both the childhood game, King of the Hill, and the news story from 2013 in which a Verizon auditor caught an employee named "Bob" outsourcing his software development job to a Chinese programmer in exchange for 20% of his 6 figure salary, so "Bob" could watch cat videos instead of work. Somehow, I envision a future niche where these concepts are all linked. In this talk, we will mix the TTPs (Tactics, Techniques, and Procedures) of red-team-worthy adversaries with the get-rich-quick goals of ransomware to head into a new direction: king of the enterprise hill in which your IT job was just outsourced to an APT. Is your blue team ready for it and can your red team deliver an adequate simulation to make sure they are?

Bio: Tim MalcomVetter (@malcomvetter) is a STL native (born and raised), with ~15 years in IT (security and development), and is the lead hacker at the world,s largest commercial entity (Fortune 1 of 500). Tim has presented at BlackHat, DerbyCon, a couple BSides, ArchC0N, Secure World Expo, a handful of developer conferences, and of course ShowMeCon. Come say hi.

Back to ShowMeCon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast