MMS 2022 at MOA

Description:
The industry spends billions on cybersecurity, but it's getting worse every year. Crackers, ransomware attacks, international scandals remind us of our dangerous world, but the biggest issue is the matter of fact: there is a really low threshold of occurrence into "hacking". Any script kiddie can download a bunch of tools and play with your websites, emails servers, etc. In our time to be hacked or not is a matter of statistics. To beat hackers let's think like hackers. In the session, you will see the complete kill chain from the edge to domain admin privileges and how to stop these types of attacks.

• Getting inside the network with email attacks.
• Bypassing third-party email protection.
• Privilege Escalation.
• Antivirus evasion.
• Enumerating and Exploiting Active Directory domain.
• Stop phishing attacks with Microsoft Defender for Office 365.
• Protect your modern desktop from modern attacks with Microsoft Defender for Endpoint.
• Linux Cloud-based EDR

What you will learn:

• Microsoft 365 Defender for Office 365 can block advanced phishing attacks
• Microsoft 365 Defender for Endpoint detects and prevents attack kill-chain
• Microsoft 365 Defender for Endpoint detects attacks on Linux systems

Description:
Today's cybercriminals have a hard time: antiviruses, whitelisting, intrusion detection systems, etc. are used by many companies around the world. However, the number of security incidents is on the rise. While defenders implement security features, attackers learn to bypass them. Defenders should also learn evasion techniques to keep up with attackers. Get insights on Windows 11 security bypass in advanced scenario-based sessions. Live demos only.The session contains:

• Preparing the payload
• Microsoft Defender AV Evasion 
• What about Powershell payloads?
• AMSI bypass Downloading the payload
• Attack Surface Reduction bypass
• Executing the payload
• Abusing Applocker configurations
• Covering the tracks
• Ransomware vs Controlled Folder Access

What you will learn:

• Well-known built-in Windows security configurations may be bypassed
• Defender for Endpoint should be implemented
• Built-in Windows security may be configured and monitored better

Description:
Come along a learn about the new controls that now exist on Windows, and macOS to enable fine-grain controls of using removable media, that exist alongside Endpoint DLP which can ensure corporate data is classified on the fly to the exfiltration of corporate data.

What you will learn:

• New removable media controls in Microsoft Defender for Endpoint
• How Endpoint DLP can police your corporate data while you sleep.
• Reporting of the data leaving your network