Attackers keep innovating their TTPs to circumvent established defenses, so CTI on attacker innovation is fundamental. Our Twitter feeds are saturated with helpful reports on a daily basis, but how does this relate to the trends and developments within the threat ecosystem as a whole? This presentation discusses trends in ATT&CK tactics and techniques, based on a research project in which 950+ unique Windows malware families from an unbiased source were analyzed. The presentation will also highlight how commodity malware authors are adopting techniques from APTs and discuss best practices for how ATT&CK can be used to improve CTI analysis.


time: 14:00
speakers: Kris Oosthoek

Other sessions:

Trawling for Phishing: the Development of Phishing Detection

The Five People You Meet in Cybercriminal Heaven

You Should Get Some (Cyber) Exercise!

Hack_Right; How to Keep Hackers on the Right Track

Cryptography in Practice