Лектор: Yekaterina Shevchenko, която е Red Team Specialist & Team Lead | Offensive Security Expert | OSCP | OSEP | CRTO | ARTE | CRT-ID | MCRTA | CREST CPSA & CRT
Social engineering attacks don’t always go as planned: links get blocked, employees notice something suspicious, or filters strip content. But real attackers adapt, and these “failures” can become new opportunities.
This session will share cases from red team engagements where initial attempts failed, but improvisation led to even greater success. One campaign, blocked at first, became effective after a follow-up “incident response notice” that achieved 75% engagement. Another case used a company’s own domain with a JavaScript injection flaw to bypass awareness advice and gain trust.
Attendees will learn how adaptive attacker behavior challenges awareness training and how organizations can prepare for it.