Evolution of An Attack: How a Persistent Threat Actor Adapts to Fool Microsoft presented at DataConnectorsToronto 2020

by Michael Landewe,

Summary : The arms race between email attackers and defenders is a long and expensive one. In this webinar, we analyze the attack methods of a single advanced persistent threat organization that guarantees its dark-web customers that their messages will bypass Microsoft security.We review the software they use to send email from anywhere in the world, their techniques that take advantage of both short- and long-lived vulnerabilities and the infrastructure to harvest credentials and perform attacks almost instantaneously.You will be surprised by the sophistication of the tools as well as their ease of use. Updated regularly with release notes and training videos, they are not ‘hackers’, so much as software developers with a very clear product offer: 100% access to your inbox.We watch them over time and show how the tricks they use provide us with the indicators-of-attack we need to stop them.