86% of eCrime actors use evasion techniques to bypass antivirus (AV) software and 80% of attacks use stolen credentials1.
Adversaries continue to evolve. From using evasion techniques — such as removing indicators, hijacking execution flows and masquerading — to get past legacy endpoint solutions to using stolen credentials to login.
The session will explore several different ways bad actors such as Scattered Spider access retailer’s ecosystems and how they are monetizing their ever growing wave of e-crime campaigns.
The presentation will show where adversaries purchase local system or cloud credentials, exploits, and other tools for initial access. We will also highlight how Scattered Spider has shifted into data extortion campaigns where data theft and public leak disclosure threats are being monetized.