2020-11-20, 18:30–19:20, Hackfest - Track 1
Cisco's Talos team specializes in the early-warning intelligence and threat analysis necessary for defending networks against the ever-changing threat landscape. In this talk we will cover how our team is built and look at some interesting threats and exploits, along with the methods and techniques that both attackers and defenders use around them. We will then take a deep dive into dual-use tools and see how threat actors leverage them to exploit, move laterally, and deepen the attackers' reach into your network.
Dual-use tools are developed to assist administrators in managing their systems or assist during security testing or red-teaming activities. Unfortunately, many of these same tools are often co-opted by threat actors attempting to compromise systems, attack organizational networks, or otherwise adversely affect companies around the world. This talk will dive into the topic of dual-use tools and how they have historically been used in various attacks. It will also provide case studies that walk through how native system functionality and dual-use tools are often used in real-world attacks to evade detection at various stages of the attack lifecycle.