The presentation is the result of an investigation process involving fraud in the Point of Sale (PoS) systems, which in a single establishment in Brazil caused a loss of more than R$ 1.5M or approximated U$ 0.5M.'the fraud involved the use of various technological devices such as VPNs, encryption, C & C server remote, automated scripts, anti-forensics techniques, building a specific device plug and play for fraud, and obviously, a lot of audacity on the part of the fraudsters.
During the presentation, Thiago will show all the vulnerabilities exploited by fraudsters, as well as other possible attacks that could be carried out using the same technique, where depending on the establishment, the fraudsters could easily lead to financial losses greater than the case of Target 2013 and HomeDepot in 2014.'the complete mapping of the work was the result of a long investigation using cyber intelligence and counterintelligence techniques in order to be able to identify the suspects of illegal practices.'the result of over 6 months of private research will be presented in an unprecedented manner so that it can be demonstrated throughout the investigative process used, strategies and technologies used, all with the purpose of identifying the Tactics, Techniques and Procedures (TTP) fraudsters use to contain or eliminate the effectiveness of the attack.
To learn more on this topic, attend the 10th annual SANS Digital Forensics & Incident Response (DFIR) Summit & Training.'this training event brings together the most influential group of experts, the highest quality training, and the greatest industry networking opportunities in one place. Over the course of this eight-day training event, you'll enjoy: