Attackers keep innovating their TTPs to circumvent established defenses, so CTI on attacker innovation is fundamental. Our Twitter feeds are saturated with helpful reports on a daily basis, but how do these reports relate to the trends and developments within the threat ecosystem as a whole? This presentation discusses trends in ATT&CK tactics and techniques, based on a research project in which 950+ unique Windows malware families from an unbiased source were analyzed. The presentation will also highlight how commodity malware authors are adopting techniques from APTs and discuss best practices for using ATT&CK to improve CTI analysis.

Details

time: 14:00
speakers: Kris Oosthoek
