Patchwork is a highly successful nation state targeted attack operation, which infected approximately 2,500 high-value targets such as governments, worldwide. It is the first targeted threat captured using a commercial cyber deception platform. In this talk, we will share how deception was used to catch the threat actor, and later on secure their second stage malware and lateral movement activity. Examining this threat actor is especially interesting as on the one hand it displayed an extremely sophisticated intelligence and operational capability, carefully choosing targets, successfully compromising them, and scaling the operation, while on the other hand, technologically their toolset is built like a patchwork quilt, a combination of snippets of code taken from various online forums and from GitHub that any kid off the street could build.Back to Open CFP
First, this seems to be lacking an offensive component. Skimming through https://s3-us-west-2.amazonaws.com/cymmetria-blog/public/Unveiling_Patchwork.pdf, I see that they used HTTPS meterpreter, which I would hesitate to call 'extremely sophisticated'.
We get it, some orgs invest in using cyber for intel goals. *yawn*
We are pleased to announce the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused-fresh-content presentation, please submit an abstract, Bio and headshot to email@example.com. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. Call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.
Some of the benefits of speaking at INFILTRATE are: