Josh Kamdjou
Josh has been doing offensive security-related things for the past 12 years. He's spent most of his professional career breaking into networks via spear-phishing and other methods, and building software for both the public (Department of Defense) and private sectors. Josh is the Founder and CEO of Sublime Security, and in his private life enjoys weight lifting, Martial Arts, soccer, and spending time with his niece and nephew.
Sessions
Email remains the #1 initial access vector for commodity malware and nation state actors. Historically, tackling email-based threats has been considered the purview of black-box vendor solutions, with defenders having limited scope (or tooling!) to swiftly and effectively respond to novel offensive tradecraft.
In this training, attendees will be given detailed insight into the latest techniques used to deliver prevalent malware strains, including Pikabot and IcedID, and will hunt through email data to identify this malicious activity, developing rules to detect and block these attacks.
Initially attendees will be introduced to the foundational technologies that enable threat hunting and detection engineering in the email domain, before being given access to the email data of a fictitious company seeded with benign and real-world attack data.
Attendees will be guided through the rule creation process, utilizing free and open detection engines including Sublime and Yara, and will be introduced to the signals that can be used to craft high-fidelity rules, including sentiment analysis, domain age, and attachment analysis. Having completed the training, attendees will have a strong understanding of the tools and techniques at their disposal to defend their organizations from all manor of email threats.
Email-based attacks remain at the forefront of the cybersecurity threat landscape, ever-evolving to circumvent defenses and trick unsuspecting users. In this presentation, we discuss the risks of Generative AI in the context of the email threat landscape. Specifically, we examine how Generative AI facilitates the automation of targeted email attack creation, resulting in increased campaign reach, diversity, and the likelihood of success.
We'll show real, in-the-wild attacks with completely fabricated contents, including conversations between multiple individuals that never happened, to demonstrate the sophistication LLMs can afford attackers in conducting convincing phishing campaigns at scale.
Attendees will leave this talk with an understanding of the impact of Generative AI on the email threat landscape and what to expect in the coming years.