2022-09-23, 19:00–19:45, Tesla
How many of you have been involved in an incident response of an APT? Have you had the feeling that continuously this is the neverending story, like an infinite loop?
Sometimes, in United Nations we have faced some interesting challenges. So, in this talk, you will see a real case of an APT in UN, deepening in detection, containment and remediation phases, giving you [almost] all technical details. It is quite relevant to show up that having powerful capacities in cyber security is key to prevent this kind of incidents.
But, in any case… will we be safe in the end? Or... Are we completely sure that we have identified all systems that were compromised by the adversary, and properly remediated their activity?