Advanced Attackers Hiding Inside Encrypted Traffic at the Endpoint

Explore advanced techniques used by sophisticated attackers to conceal their activities within encrypted traffic at the endpoint in this GrrCon 2018 conference talk. Delve into Jared Phipps' expertise as he discusses the rapid evolution of threat markets, the increasing complexity of Advanced Persistent Threats (APTs), and the challenges of modern threat intelligence. Examine file list attacks, persistent malware problems, and the growing trend of threat actors as services. Analyze the disappearance of traditional network perimeters and the implications for enterprise security. Gain insights into protecting critical assets, addressing talent shortages, and developing effective security strategies. Investigate real-world scenarios, including WordPress vulnerabilities, reverse forensics techniques, and the impact of ransomware attacks.

Intro
Jareds background
Threat markets evolve quickly
APT is greater than malware
Sentinel One 2018 Security Index
File List Attacks
Malware Remains a Constant Problem
Threat Intel is Getting Harder
Enterprise Risk Index
Extortion
The End of Patience
Threat Actors as Services
Perimeters Disappearing
What Are You Protecting
Talent
Strategy
Scenarios
WordPress
From the attacker perspective
Reverse forensics
Ransomware