Ahmed Shah, Kevin Tremblay, Kyle Falcon, Mathieu Quirion
The presenters are a dynamic team of dedicated experts passionate about solving complex challenges across a wide array of industries, including aerospace, finance, and more. Their deep-dive approach to Red teaming and penetration testing is recognized for employing advanced techniques of today’s most sophisticated threat actors, uncovering vulnerabilities that automated tools often miss.
Canada
Session
It is estimated that 91 per cent of breaches originate with a social engineering attack. Despite all the investments that organizations have made into new technologies, the human element remains a critical barrier to achieving full security. Attackers continue to successfully deploy various techniques to exploit human behaviour and bypass sophisticated email defences and multi-factor authentication. This presentation will outline our experience performing social engineering campaigns used by real-world threat actors. Topics covered include open-source intelligence gathering (OSINT), challenges and effective techniques for conducting email phishing campaigns, measuring and evaluating phishing email content, outcomes for performing vishing campaigns, and how to perform in-person social engineering at physical facilities. The audience will be able to gain insights into the tactics used by attackers for social engineering as well as recommended safeguards that organizations can use to protect against such attacks.