Part 1 - Fraud Ecosystem
See Also: 2016 State of Threat Intelligence Study
In June this year, the "Ronald Reagan" batch of credit cards (potentially those stolen from P.F. Chang's) joined the "Barbarossa" batch from Target in becoming publicly available for purchase. These cards were featured on the popular Rescator card shop (stolen card data marketplace), which offers advanced features like money-back guarantees, pricing tiers and cardholder zip code grouping. This is indicative of the broad, deep and sophisticated underground "Fraud as a Service" network currently in operation. In this in-depth update session, we will learn:
- How is this underground economy structured?
- How is the 'Deep Web' being utilized for fraud?
- What Threat Intelligence can we gather from it?
Part 2 - Threat Intelligence
Collecting security- and fraud-related data from multiple sources can often just result in creating a very large pool of unrelated facts. But begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence, indicative of a real and active threat. This session will answer questions such as:
- How can I create Actionable Intelligence from data feeds?
- How will emerging threat information exchange specifications such as TAXII/STIX effect our ability to collect and share standardized threat information with the broader community.
- How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?