In June this year the "Ronald Reagan" batch of credit cards (potentially those stolen from PF Chang's) joined the "Barbarossa" batch from Target in becoming publicly available for purchase. Featured on the popular Rescator card shop (stolen card data marketplace), with advanced features like money back guarantees, pricing tiers (where Canadian bank cards demanding some of the highest prices) and cardholder zip code grouping. This is indicative of the broad, deep and sophisticated underground "Fraud as a Service" network currently in operation.
See Also: Faster Payments, Faster Fraud?
In this in-depth update session we will learn:
- How is this underground economy structured?
- How is the 'Deep Web' being utilized for fraud?
- What Threat Intelligence can we gather from it?
Collecting security and fraud related data from multiple sources can often just result in creating a very large pool of unrelated facts. But begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence, indicative of a real and active threat.
This session will answer questions such as:
- How can I create Actionable Intelligence from data feeds?
- How will emerging threat information exchange specifications such as TAXII/STIX effect our ability to collect and share standardized threat information with the broader community.
- How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?