Meeting 2016/06/16

what The Value of Threat Intelligence
Stories from the SecureWorks Counter Threat Unit
when 2016/06/16
where Dell Netherlands Amsterdam, Transformatorweg 38-72, 1014 AK Amsterdam



Opening remarks
Ronald van Erven - president (ISC)2NL
Evolutions in APT Tactics - presentation
Lee Lawson - SecureWorks Counter Threat Unit (CTU) Special Operations
Lee responds to and investigates cyber-attacks by Nation State Threat Actors. This gives his team an unparalleled view into the latest tactics being used by some of the world’s best hackers. Because of this, the SecureWorks CTU observe changing tactics by Threat Actors and build new countermeasures to detect these evolutions in tactics. Lee will now share with you some of the key evolutions observed by the CTU, some of these new tactics completely bypass traditional countermeasures making them incredibly effective in staying under the radar. Lee will:
  • Explain that the Cyber Threat Landscape is a moving battlefield
  • Describe key evolutions in APT attacker tactics, tools and procedures
  • Defensive Evasion
  • Living off the land
  • Use of pre-built virtual machines
  • Provide an analysis of recent tactic evolutions SecureWorks has observed
  • Discuss some approaches to detect new tactics
RAM to Reality: Observations of Geopolitical Conflicts Transitioning to Cyberattacks
Tom Finney - CTU Operations Specialist at SecureWorks
Tom will talk about the fact that Geopolitical conflicts are more publicly transitioning into the cyber realm. With current conflicts, a cyber-component is almost always included – and the outcome can be observed in the physical world. What is the impact of these events? Can it expose trade secrets? Shut down financial markets? Or worse?
We will cover known events, discuss the actors behind them and generally talk about the potential impacts from these threats.
  • Understand the relationship between specific geopolitical events and cyberattacks
  • Learn about the actors behind these cyberattacks and the impact to your businesses
  • Get insight into the latest attack trends
  • Receive recommendations on security solutions and threat intelligence to help protect your network
Banking Botnets - Fight Continues
Pallav Khandhar - CTU Senior Security Researcher at SecureWorks
Pallav will share his insight on Banking Botnets and his every day experience to hunt them down.
  • What are the current eCrime trends and what has changed in past 12 months
  • Takedowns, Emergence and Resurgence of banking botnets
  • Change in tactics and targets
  • Banking botnets - widespread, resilient and evasive



This evening was hosted and arranged by

SecureWorks   For more information, please contact

Ruben van Splunter
M +31 6 159 118 12

and supported py