Spear Phishing and Targeted Attacks
In this presentation, Stephen Sims will provide a technical look into the techniques used to successfully perform spear-phishing and other targeted attacks. We will take a look at how software bugs are discovered in both common and obscure applications through the process known as fuzzing, and how these bugs are turned into working exploits with the aid of debuggers and disassembly. High level techniques used to perform phishing on a wide scale will first be covered, followed by clever techniques used by attackers to social engineer a specific target into aiding in a compromise. Demonstrations will be provided showing how custom exploits can be used along with targeted social engineering to gain access to an unauthorized system.
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.