The Future of ATO
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the evolving landscape of Account Takeover (ATO) in this 51-minute Black Hat conference talk by Philip Martin. Delve into the challenges faced by online security professionals as they grapple with password megalists, massive PII breaches, and increasingly sophisticated attackers. Examine the unique perspective of Coinbase, one of the world's largest consumer cryptocurrency platforms, as they navigate the delicate balance between usability and security. Gain insights into emerging threats such as SIM swapping, account recovery abuse, critical phishing, credential stuffing, and botnet proliferation. Learn about countermeasures including ratelimiting, challenge-response systems, and list validation. Discuss the role of social engineering and banking malware in ATO attacks. Conclude with a Q&A session to address the future of online security and potential solutions to combat evolving ATO techniques.
Syllabus
Introduction
Future of ATO
Sim Swapping
Account Recovery Abuse
Critical Phishing
Credential stuffing
Botnet proliferation
Ratelimiting
Challenges
List Validation
Social Engineering
Answer Mocks
What do we do
Banking malware
Bottom line
Questions
Taught by
Black Hat
Related Courses
Web App Testing - EnumerationCyber Mentor via YouTube Full Ethical Hacking Course - Beginner Network Penetration Testing
Cyber Mentor via YouTube Zero to Hero Pentesting - Exploitation, Shells, and Some Credential Stuffing
Cyber Mentor via YouTube Top Active Directory Attacks - Understand, then Prevent and Detect
RSA Conference via YouTube Protecting Accounts from Credential Stuffing with Password Breach Alerting
USENIX via YouTube