Understanding and Detecting Adversary-in-the-middle (AiTM) Attacks
DESCRIPTION
As identity is the new battleground and multi-factor authentication becomes a de-facto standard on corporate systems, cyber criminals are going after session tokens. Adversary-in-the-middle (AiTM) is the technique of choice to harvest these. Over the last years we have been seeing a major change in the phishing landscape towards AiTM-Platforms and more and more activity groups utilizing them. This talk will focus on the evolving threat landscape of adversary-in-the-middle (AiTM) attacks from open source kits to phishing-as-a-service (PhaaS) platforms, how to detect them and possible mitigations.
WHY THE COMMITTEE CHOSE THIS TALK
This type of attack should already have a high priority in IT security strategy today and is increasing due to further networking in the cloud.
SPEAKER
