AISA Webinar: A scan of millions of Australian domains reveals compromised email supply chain

Hosted by the AISA Victorian Branch, please join Sebastian Salla, who is a Cloud Security Architect at Palo Alto Networks, for an online presentation showcasing the results of a scan undertaken across millions of Australian domains and how organisations of all sizes had vulnerable email infrastructure.

Topic: A scan of millions of Australian domains reveals compromised email supply chain security

Curious to find out what happens when you perform OSINT at scale? In this presentation we will discuss how a seemingly innocuous scan of 1.8 million Australian domains resulted in the email supply chain of 264 Australian organisations being compromised. We will then discuss how the migration of email infrastructure from private to public cloud environments has significantly elevated the risks associated with IP takeover attacks and how these attacks are practically performed.

The following topics will be discussed:

  • How phishing has evolved to where an overlooked technique can be exploited to favour the attackers
  • How email sender authentication is performed, and how public cloud environments that are ephemeral in nature can be taken advantage of by threat actors
  • Methods used to collate a target list that includes millions of domains, and methods used to scan the full IP supply chain of SPF records and infrastructure
  • Process for cross referencing scanned AWS IPs against a repository of known SPF IP Addresses
  • How each of the affected organisations and their downstream customers are significantly more susceptible to business email compromise and phishing-related attacks

Participants will have the opportunity to ask questions. This webinar will be recorded and the recording will be made available to registrants. 

Speaker: 
Sebastian Salla is a Cloud Security Architect at Palo Alto Networks, and loves all things related to cloud and email security. During business hours he’s working on defensive tools, and after-hours he is working on many different projects including as the founder of CanIPhish.com.
https://www.linkedin.com/in/sebastian-salla/

Register:

This webinar is free and only available to AISA Members. Please click on the registration link below:
https://us02web.zoom.us/webinar/register/WN_7PAWdwuLR-qVmeNatMMEVg

Not an AISA member? To become an AISA member you can join here

For any queries regarding this event, please contact AISA Event & Sponsorship Manager, Susanna Palermo via email [email protected] or visit our website www.aisa.org.au

Date: Tuesday 24 May 2022

Time Zones:

  • 12:00pm - 1:00pm AEST (Brisbane, Canberra, Melbourne, Sydney & Hobart)
  • 11:30am - 12:30pm ACST (Adelaide)
  • 10:00am - 11:00am AWST (Perth) 

Participate in the webinar:

  • Please note that you will need to register in Zoom and provide a valid email, so that you can receive the unique registration link to log into the webinar
  • Use this link and ensure you log on to the webinar at least 5 minutes prior to the start time
  • You will require a strong and stable internet connection
  • It is recommended you use a headset or headphones so you can hear the presentation
  • A recording of the live session will be available for registrants after the event

Disclaimer:

AISA presentations are intended for educational purposes only. Statements of fact and opinions expressed are those of the participants individually and, unless expressly stated to the contrary, are not the opinion or position of AISA, its sponsors, or its partners. AISA does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented. Attendees should note that sessions may be recorded and published in various media, including print, audio and video formats without further notice.

AISA has evaluated the use of Zoom based on the Traffic Light Protocol which was facilitated for greater information sharing. AISA webinars are considered TLP White as the information contains minimal or no foreseeable risk of misuse. In addition, AISA has evaluated the use of Zoom for this purpose as aligned to ACSC Web Conferencing Security, April 2020, see link at https://www.cyber.gov.au/publications/web-conferencing-security and has implemented controls to minimise risks. You are required to register for the webinar via the Zoom platform. Please refer to the Zoom privacy policy here - https://zoom.us/privacy

When
24/05/2022 12:00 PM - 1:00 PM
AUS Eastern Standard Time
Where
Online webinar