Inside the Shadows: Tracking RaaS Groups and Evolving Cyber Threats

This comprehensive talk will provide an in-depth exploration of advanced threat hunting strategies, showcasing the methodologies employed in our recent reporting on the Decline of Black Basta. Attendees will learn how we tracked threat actor activity on the dark web, specifically focusing on Black Basta, to uncover emerging tactics, affiliations, and operational insights through analysis of illicit forums and marketplaces.

The presentation will delve into techniques for monitoring the activities of ransomware-as-a-service (RaaS) groups, including how shifts in membership and operational practices occur after disbandment. Further, we will discuss how to harness investigation telemetry to detect and analyze evolving tactics, techniques, and procedures (TTPs). These approaches enable organizations to anticipate sophisticated cyber campaigns and proactively bolster their defensive strategies.

By the end of this session, attendees will have actionable insights and practical methodologies to strengthen their threat detection capabilities, ensuring they stay ahead in the rapidly evolving cybersecurity landscape.