05. 12. 2022 Massimo Giaimo Exposure Assessment

HackInBo Business Edition – Winter 2022 – Our Participation

On December 2 we participated, as platinum sponsors, in the second edition of the HackInBo Business event. For 10 years, HackInBo has been one of the most important IT security conferences in Italy, and for this edition too we wanted to give our contribution by participating with a 40-minute talk. The formula of the event provides for the preparation of 2 separate talks and only the talk with the most votes from the public is the one that is actually presented. Our 2 talks were as follows:

TALK #1: ETEL – THE GAME APPLIED TO SOCIAL ENGINEERING

The year was 2018 and on a gloomy afternoon, after the umpteenth phishing campaign which ended with nothing short of sensational (and worrying) results, we decided to run for cover and develop ETEL, a role-playing game with the aim of creating, in a fun and unconventional way, greater awareness on the topic of social engineering.

TALK #2: LOG STEALER MARKET PLACES – IT’S SHOPPING TIME FOR THREAT ACTORS!

The spread of log stealer-type malware and the sale of the information recovered from them in specially developed market places is contributing in a fundamental way to the implementation of attacks even by novice Threat Actors. Between Redline and Raccoon, Genesis and Russian, together we will get to know the main elements involved.

The most-voted talk, with 52% of the votes, was the second one, and we are therefore pleased to share with you here the slides we prepared.

talk2_marketplace_giaimo Download

The situation we described during the talk is that thanks to the use of log (info) stealers’ malware and the channels for purchasing the credentials recovered through them, never as before have cyber attackers had the chance of conquering their initial accesses with such a minimal investment, both in economic and temporal terms.

This situation requires constant monitoring of the evidence shared on the market places and other purchasing channels. We have implemented this continuous monitoring within our SATAYO Cyber Threat Intelligence Platform, through which we can immediately identify any records concerning organizations we monitor, immediately after publication. To get more information and a demo of the platform to check your organization’s exposure index, contact us!

Special thanks go to Mario Anglani, creator of the event, who as usual was able to keep the quality level of the conference really high. That’s all at HackInBo… see you in 2023!