Encryption to Extortion, the Evolution of Cloud Based Attacks
Échec de l'ajout au panier.
Échec de l'ajout à la liste d'envies.
Échec de la suppression de la liste d’envies.
Échec du suivi du balado
Ne plus suivre le balado a échoué
Encryption to Extortion, the Evolution of Cloud Based Attacks
-
Narrateur(s):
-
Auteur(s):
À propos de cet audio
In this session we talk about Salesloft Drift and the implications of OAuth based attacks. Companies use Drift with Salesloft to automate lead capture + sales workflows into Salesforce.com. Enter Nation State threat actor UNC6395, who was able to steal the tokens and gain a backdoor into Salesforce via these OAuth tokens.
We then dive into the Evolution of Cloud Based Attacks, where threat actors like Storm-0501 are moving away from noisy, on-prem encryption and pivoting to the cloud—where exfiltration, data destruction, and extortion can all happen without dropping a single payload. Add to that the rise of extortion-only campaigns, and we’re looking at an evolution that defenders need to understand right now.
Special guests:
MacKenzie Brown, VP of APG at Blackpoint
Charles Buck, Founder and CTO of SaaS Alerts
Chris Loehr, DFIR Exerpt
Phyllis Lee, VP of Content at CIS