Threat Labs Netskope @ BSides Delhi 2019
Oct 24 2019

Netskope @ BSides Delhi 2019

BSides is a community-driven framework for organizing events around the world for information security professionals. BSides Delhi 2019 drew approximately 500 attendees and boasted a schedule packed with workshops and presentations. Ashwin Vamshi, from Netskope’s Threat Research, presented our work, “Phishing in the Cloud Era.” We recorded a short preview of our presentation, which is available in this video.

The presentation began with our research on cloud-scale phishing, highlighting:

  • Wide-scale adoption of cloud services by cybercriminals
  • Effective phishing attacks launched from popular cloud services
  • Effective phishing attacks aimed at stealing credentials for popular cloud services
  • Phishing-as-a-service vendors making it particularly easy for attackers

The presentation builds upon some of our previous research, including the following blog posts that detail specific phishing attacks we have analyzed. 

We conclude with some discussion of how organizations can protect themselves, including:

  • Modernizing training to educate users on how to avoid contemporary phishing attacks
  • Actively tracking usage of cloud services to identify suspicious behavior
  • Configuring apps such as PDF readers to reduce the risk of accidentally clicking on a bait within the app

The slides from the presentation are available here.

author image
About the author
Ashwin Vamshi is a Security Researcher with innate interest in targeted attacks and malwares using cloud services. He is primarily focusing in identifying new attack vectors and malwares, campaigns and threat actors using ‘cloud as an attack vector.’
Ashwin Vamshi is a Security Researcher with innate interest in targeted attacks and malwares using cloud services. He is primarily focusing in identifying new attack vectors and malwares, campaigns and threat actors using ‘cloud as an attack vector.’