In this session we will fokus on complex and sophisticated attack that has been attributed to an APT. The adversary exploited three zero-days in Ivanti Endpoint Manager Mobile (EPMM) and Ivanti Sentry as part of the attack.
The investigation revealed that the attacks were performed by an advanced adversary executing a thorough, well-planned, targeted attack. The threat actor demonstrated in-depth knowledge of the exploited systems, utilised sophisticated techniques, and used considerable efforts to cover their tracks.
During this session, we’ll examine the anatomy of this attack, diving into the zero-days themselves and how they were chained together, along with other tools and techniques the threat actors utilised. We’ll dive into how we uncovered the zero-days and share our observations and lessons learned.
This session will be held by Per Morten Sandstad. Per Morten has over 20 years of experience in the security industry, mainly focusing on threat intelligence and leading incident response assignments. At mnemonic, he leads a team within the Threat Intelligence department, specialising in incident handling and forensics. Before joining mnemonic, he helped establish FinansCERT Norway (now Nordic Financial CERT), where he led the threat intelligence efforts and supported the financial industry's incident-handling work.
I dette foredraget vil du få insikt i et svært omtalt angrip i Norge - dette foredraget vil du ikke gå glipp av!