Red Team Social Engineering 2024: Initial Access TTP and project experience of the our team

September 27, 2024 (GMT +8)
11:15
Ballroom 1 & 2
     

This presentation will cover the topic of effective techniques, tactics, and procedures (TTP) for initial access and spear phishing vectors based on the project experience of the PT SWARM Red Team operations.

Key topics include:

Payloads and delivery methods: An examination of the most effective payloads and methods of delivering them to users. Special attention will be given to concepts such as HTML/SVG/PDF Smuggling, PDF Luring, DLL Side-Loading, attacks on developers, persistence via COM hijacking and spoofing email domains.

Project case studies: Examples of successful Red Team operations, including specific cases of initial access based on our Red Team projects and experience.

The presentation will provide participants with a deeper understanding of modern targeted phishing techniques and their practical application in real-world Red Team scenarios.

Speaker

Konstantin Polishin Team Lead of the Red Team SE group, Penetration Testing Department at PT SWARM, Positive Technologies

Speaker of the international cybersecurity conference Positive Hack Days, HITB

The main activity is related to participation in complex Red Team operations in the largest companies in the country, where coordinated teamwork is required at the stage of initial access for rapid development in the corporate network and obtaining maximum privileges in the infrastructure, bypassing the radars of the SOC team.

I specialize in the implementation of financial business risks in large banks with a demonstration of the possibility of withdrawing funds, bypassing the Anti-APT mail stack and developing expertise in social engineering using the results in our project work.

« Back