Exploiting the Supply-Chain for Fun and Espionage

Bio: I currently work as a security researcher in the Cyber Threat Intelligence industry for a UK-based company, CYJAX. I also volunteer my spare time to work missing persons cases with the NCPTF, coordinate intelligence sharing with the CTI League to protect healthcare, support the community at The Many Hats Club, and help run the Curated Intelligence trust group.

Talk Contents: Summary and analysis of the SolarWinds supply-chain attack, adversary tradecraft, attribution, and the effectiveness of other supply-chain attacks for intelligence gathering and espionage