Skip to main content
Topic: Track Down Criminal Hosting Infrastructures 2018 [Video 29 Min] (Read 979 times) previous topic - next topic

Track Down Criminal Hosting Infrastructures 2018 [Video 29 Min]

Upgrading Your CTI to Track Down Criminal Hosting Infrastructures 2018

Ransomware, trojans, cybercrime forums, and stolen credentials shops are commonly hosted on bulletproof hosting servers. Even though defenders are spending billions of dollars to mitigate
these threats by reactively collecting and pushing convicted domains, IPs, and signatures into enforcement products, cyber crime continues to increase and cause more damage. In this talk,
we’ll present proven approaches to upgrade your threat intelligence from being IOC-driven to being more proactive with a longer-lasting advantage. We’ll show how to extract behaviors of criminal-hosting infrastructures used for malware, phishing, crimeware forums, and various toxic content, and how to track evolving evasion patterns used by adversaries. We correlate findings using different threat intelligence collection, and analysis techniques applied to large-scale network data and OSINT. This talk will be useful to security practitioners, threat analysts, and law enforcement personnel, and it will provide actionable best practices to improve security controls in protecting organizations.

Dhia Mahjoub (@DhiaLite), Head of Security Research, Cisco Umbrella (OpenDNS)