Well What Have We Here - A Year of Cyber Deception, Attribution, and Making Attackers Rethink Their Approach

Explore a year of cyber deception, attribution, and strategies to make attackers rethink their approaches in this 50-minute conference talk from Derbycon 2019. Delve into various scenarios including reconnaissance, AWS key exploitation, and Kerberoasting. Learn about setting up alerts, creating cloned websites, and implementing web bugs for tracking. Discover techniques for enhancing threat intelligence and gain insights on how to effectively use cyber deception to improve security posture. Engage with practical examples and important considerations for implementing these strategies in real-world environments.

Intro
Conversation
Krebs... We Need To Talk.
Your One Rule.
Getting Started
Scenario: Recon
AWS Keys
Alert
Context
exe
Setup
Why not make it real?
How To Do This
Cloned Websites!
Trigger
History
Word Docs!!!
Family...
Not bad..
Enhance
Word Web Bugs
Tracking!
One Step Forward...
Important!
Kerberoasting
We Love Adding This...
Honeybadger Update
Git It Here
Back To Threat Intel
Questions?