🇬🇧 Session in English.
Speakers: Alexander Andersson and Fabio Viggiani
Persistence is a threat actor tactic with the objective of retaining access in a compromised environment, even after rebooting or changing passwords. A typical persistence technique could be adding a startup program that will run once the computer starts, but what does advanced persistence look like in 2021?
In this session we will look into the persistence techniques used by sophisticated attackers, including nation state-backed APT groups. We will explain how the techniques work, how we discovered them in our incident response, and finally how you can detect and respond to these threats to ensure no one is hiding in your environment.