Uncovering the traces of state sponsored threat actors: A case study on Turla
Abstract: Cyber Threat Intelligence (CTI) is a term that is often misused these days. Many people are confused by vendors that provide feeds of Indicators of Compromise and call them “cyber threat intelligence products”. In the first part of this webinar we will introduce the basic concepts of this modern discipline, which has its roots in one of the crafts of the ancient world: espionage. We will introduce key aspects related to the people, processes and technologies that enable the different phases of the cyber threat intelligence cycle. In the second part, we will show a real application of these concepts by describing an activity that led us to publish a public report about one of the most advanced state-sponsored threat actors: Turla.
Speakers: Dr. Nino Vincenzo Verde (PhD) works for Leonardo s.p.a. as a senior cyber security architect. He is one of the key researchers of the Cyber Security Research Center (CSRC) of the Cyber Security Division. He has several years of experience in cyber threat intelligence and incident response with a focus on state-sponsored threat actors, working both as an analyst and as an architect. He was previously with Sapienza-University of Rome and University of Roma Tre, where he published numerous papers in international scientific conferences and journals on computer and network security, access control, wireless ad-hoc networks, encrypted network traffic analysis, and digital forensics.
Dr. Antonio Villani (PhD) is a security professional working for Leonardo's Cyber Security Division within the Cyber Security Research Centre (CSRC). His main responsibilities are related to enhancing the endpoint security capabilities of the Division by developing tools and by expanding the knowledge of adversaries’ TTPs. As a researcher he has published in top-tier conferences and journals and has participated in European research projects in the field of cyber resilience and data security. During the final steps of his PhD he worked in the field of malware research and digital forensics, starting his path toward the black magic of reverse engineering. In his never-ending quest to discover how deep the white-rabbit hole goes, he has spent the past years analyzing high-level implants and providing detailed information on their implementation to support cyber-defense and cyber threat intelligence teams.
Affiliation: Leonardo s.p.a.
Registration: Participation is free. However, registration is required on Eventbrite at the following link: "CTI, from zero to hero".