This presentation will demonstrate modern techniques attackers are using to bypass security controls such as compromising accounts with multi-factor authentication and evasion of email security controls shown from real incidents. Also included will be a live demonstration of a phishing toolkit (EvilGinx2) which can bypass multi-factor authentication using cookie theft commonly used in many recent security incidents impacting major organizations.
From impersonating corporate tech support to intercepting SMS messages, one particular cyber threat actor has deployed several tactics for defeating multi-factor authentication. Eurasian threat actor IVAN, aka DisneyLandTeam, has successfully wired tens of millions of dollars from corporate bank accounts. Special Agent Vokas will discuss how they do it and what to look out for.
Chaim Black, Cybersecurity Analyst, Intrust IT
Chaim Black is a Cyber Security Analyst at Intrust IT, a Cincinnati based Managed Service Provider. Chaim has specialized in Microsoft 365 Security and investigating Business Email Compromises in the Microsoft 365 platform, and authored the PowerShell module, 365BlueTeamKit, used to assist in these investigations.
Todd Vokas, Special Agent, FBI Cincinnati
Special Agent Todd Vokas has spent his entire FBI career on Cincinnati’s Cyber Task Force first as an intern while in school and then as a Digital Forensic Examiner with the Computer Analysis Response Team. SA Vokas works mainly cyber criminal investigations to include a global botnet and a threat actor targeting corporate bank accounts.
Who Can Attend:
Open only to vetted InfraGard members.