AISA Webinar | Cloud Branch

Share this page

AISA Webinar | Cloud Branch | 22 April 2026

Hosted by the AISA Cloud Branch, please join us for a webinar "How to Steal Credentials and Bypass MFA (For Educational Purposes, Of Course)" with guest speakers Aaron Jacobs and Asha Castle. They will explore research into the global impact of credential stealing campaigns at scale.

Webinar Title: How to Steal Credentials and Bypass MFA (For Educational Purposes, Of Course)

Think MFA is your get-out-of-breach-free card? Think again. In this demo-packed session, Aaron and Asha will showcase how attackers are using tools like Evilginx to steal credentials and bypass MFA like it's 1999 and no one's watching. From phishing pages that mirror the real thing to session hijacking so seamless you'd swear it was magic - this is the side of adversary tradecraft that defenders need to see to believe.

But it’s not just a “look what the bad guys can do” show. Aaron and Asha will connect the dots between these tactics and what we see happening next every single day as they explore research into the global impact of these credential stealing campaigns at scale.

You’ll walk away with a better understanding of the tools, the techniques, the scale of these attacks and global campaigns, but more importantly, how to spot and stop them before your users become someone else’s remote desktop shortcut.

Participants will have the opportunity to ask questions of the speakers. The webinar will be recorded and shared with registered AISA members within 7 days post webinar. AISA's Cloud Branch webinar is available exclusively to all AISA members.

Speaker 1:

Aaron Jacobs, Principal Solutions Engineer - Sophos
Aaron is a Principal Solutions Engineer, specialising in Global Security Operations and Emergency Incident Response. With more than 25 years of experience in the IT industry, Aaron has delivered a variety of successful projects both with Sophos and as a general manager of a leading Australian Managed Services Provider. Aaron has enabled a range of organisations to grow in an ever-changing business and thread landscape, utilising his skills as a systems engineer and consultant to advise customers on cyber security and business continuity. He is an experienced speaker and established thought leader in the MSP space and cyber security industry.

Speaker 2:

Asha Castle, Threat Analyst II - Sophos
Asha has more than two years of hands-on experience in Security Operations Center (SOC) environments. She specialises in threat detection and triage, security event analysis, investigation, threat hunting, and end-to-end incident response. Leveraging her experience with adversary tactics, techniques, and procedures, Asha helps protect organisations and customer networks by identifying, containing, and remediating advanced threats across diverse customer environments within an evolving threat landscape. She operates effectively in high-pressure, time-critical scenarios, delivering rapid response, high-fidelity analysis, and detailed investigative outcomes to support Sophos' global managed detection and response operations.

Register:
This webinar is free and only available to AISA Members. To register please click here

Not an AISA member? To become an AISA member you can join here

Date: Wednesday 22 April 2026

Time: 12:00pm - 1:00pm (AEST). Please take into consideration your time zone.

If you need assistance or have any questions regarding this event, please contact AISA's event team, via email [email protected]

Participate in the webinar:

Please note that you will need to register in Zoom and provide a valid email, so that you can receive the unique registration link to log into the webinar
Use the Zoom webinar link and we recommend connecting to the webinar at least 5 minutes prior to the start time
You will require a strong and stable internet connection
It is recommended you use a headset or headphones for a better sound experience
A recording of the live session will be available for registered AISA members within 7 days of the webinar

Disclaimer:

AISA presentations are intended for educational purposes only. Statements of fact and opinions expressed are those of the participants individually and, unless expressly stated to the contrary, are not the opinion or position of AISA, its sponsors, or its partners. AISA does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented. Attendees should note that sessions may be recorded and published in various media, including print, audio and video formats without further notice.

AISA has evaluated the use of Zoom based on the Traffic Light Protocol which was facilitated for greater information sharing. AISA webinars are considered TPL White as the information contains minimal or no foreseeable risk of misuse. In addition AISA has evaluated the use of Zoom for this purpose as aligned to ACSC Web Conferencing Security, April 2020, see link at https://www.cyber.gov.au/publications/web-conferencing-security and has implemented controls to minimise risks. You are required to register for the webinar via the Zoom platform. Please refer to the Zoom privacy policy here - https://zoom.us/privacy

When

22/04/2026 12:00 PM - 1:00 PM
AUS Eastern Standard Time

Where

Online Webinar AUSTRALIA