The Five Most Dangerous New Attack Techniques and How to Counter Them

Alan Paller, Research Director and Founder, SANS Institute
Heather Mahalik, Director of Forensics Engineering at ManTech and Mobile Forensics Course Director, SANS Institute
Ed Skoudis, Instructor, SANS Institute
Johannes Ullrich, Dean of Research, SANS Technology Institute

Which are the most dangerous new attack techniques? How do they work? How can you stop them? What’s coming next and how can you prepare? This fast-paced briefing features the three people best positioned to provide answers and best able to communicate them: the nation’s top expert/teacher on mobile forensics, the director of the Internet Storm Center and the top hacker exploits expert/teacher in the US.  They also answer audience questions.


  1. CodeX on February 29, 2020 at 12:36 pm

    my my Johannes has same tone in real life as well

  2. Samantha Anders on February 29, 2020 at 12:40 pm

    ❌ Why would anyone want to use GMail from Google, when Everyone knows that they have For Profit Contracts to sell their Data on Everyone To Governments around the World

  3. Shaun Grace on February 29, 2020 at 12:44 pm

    What if each cloud scans the last 4? (variable so nobody can guess) seconds of connections to see what are linking up with the same send away and bring in information. Only take a terrabyte of RAM per second surely?

    I’m no hacker but I’d just create two or more windows at home exactly the same, all codes the same, and one is overlapping fake with links to another site
    What does that do?
    Think about it, if you leave the fake one(s) open, while the proper says passwords you the hacker typed in are no good, then when the actual owner of the password goes to type in the password, the fake window one will overlap from anywhere in the world and see the real password typed. There’d be a way to to leave the fake window open without the host website knowing anything, maybe it was left open after trying to place in your own password in fake password account holder as well. I cannot do it as know nothing of code but bet someone out there is doing this….??
    Simply you’d bring up two windows then change everything in the fake one to match the real window then overlap etc….

    Please nobody go and do this. It’s important to trust each other and trust each others works online

  4. Alexander H. Finch on February 29, 2020 at 12:50 pm

    I’m still surprised that people actually answer "security questions" honestly.
    Want to make them more secure? Easy:
    – What’s the name of your first pet?
    – lke5tCa083$smcui932nfaKenCHq3/fsd
    or something like that.

    Also, "security questions" are awful.

  5. xl on February 29, 2020 at 12:53 pm

    why are they making certificates for people without a strong verification of their identity, like a smartkey / yubikey or something, or at least some crypto signing

  6. Eddie O'Connor on February 29, 2020 at 1:07 pm

    Well I have a few methods of preventing infiltration:

    Change password regularly every 3 months…and use combination phrases / words mixed with numbers and "special characters"
    Use Linux with SElinux enabled, and set access controls granularly
    Install and run regularly ClamAV / RKHunter / CHRootkit on all files and sectors
    Do not keep any device actually running when I’m not using it (locking your PC screen to go eat dinner, or answer the phone etc.)
    Don’t use Apple products
    Don’t use Microsoft products
    And if all else fails? Just "unplug" for a few months.

  7. sent4dc on February 29, 2020 at 1:08 pm

    39:10 this is the best advice of the whole talk. So clever. Thank you!

  8. Timothy Aaron on February 29, 2020 at 1:10 pm

    run a totally separate network and computer and monitors for your employees to surf the web check Facebook and their phones WiFi they are going to do it anyway behind your back.

  9. HemaThinnakaran on February 29, 2020 at 1:15 pm

    use password manager and how if the password manager is hacked or open a backdoor ?

  10. Kampiire Annet on February 29, 2020 at 1:17 pm

    Thanks for this presentation

Leave a Comment