Ta spletna stran hrani piškotke, da bi vam zagotovili boljšo uporabniško izkušnjo in popolno funkcionalnost te strani.

Analitične piškotke uporabljamo s storitvijo Google Analytics, samo z vašo privolitvijo. Sprejemam Zavrnitev Več informacij
Pojdi na vsebino

Most common hacker techniques (MITRE ATT&CK) and safeguarding privileged identities

Predavanje je v angleškem jeziku.

We will explore prevalent hacker techniques through the MITRE ATT&CK framework and methods to protect privileged identities. Through the analysis of significant cyber incidents, we will examine how hackers frequently utilize lateral movement within IT systems to achieve privilege escalation and gain Domain Admin access. The presentation will specifically highlight the use of remote monitoring tools such as RDP, AnyDesk, TeamViewer, among others, in systems lacking an AD Tiering model, facilitating the spread of ransomware across multiple computers. Strategies and best practices using Sentinel and Defender for monitoring privileged users will be demonstrated, emphasizing the importance of implementing a Tiering model for maximum security and protection against suspicious hacker activities. We will conclude with examples of how altering security policies and procedures can prevent hackers from leveraging the identity system as a leverage point for ransomware propagation.

Tomislav Poljak

Microsoft Hrvatska

Tomislav has been working at Microsoft Croatia for twelve years, currently in the position of cybersecurity consultant. His primary work activities usually involve recovering large business systems after cyber attacks, requiring swift reaction, hacker detection, and removal from the systems. Additionally, he assists clients in analyzing all identities by establishing a SOC environment or utilizing specialized monitoring tools, thereby enhancing protection and preventing employee and company risks. Given the recent global surge in cyber attacks, he focuses on advanced education, proactive engagements, and assessments that determine the state of the identification system. He often delivers lectures at conferences in Croatia and the surrounding region. He has been a Microsoft Certified Trainer (MCT) since 2008 and holds various other industry certifications. Whenever possible, he spends time in nature, whether during leisure time or business trips.