Three Days of Learning and Connecting

CARO Workshop 2024 is the 17th annual conference event. CARO is focused on cybersecurity research and relevant cyber topics. Join us as we confront cyber threat research head-on. We will explore how groundbreaking research seamlessly integrates with actionable measures, shaping the future of our digital defenses. Dive into the intersection of research and practical solutions as we navigate the evolving threat landscape and challenges.

01

Wednesday

May 1, 2024

TBD

Registration

7:00 p.m.

CARO 2024 Welcome Reception at the International Spy Museum

02

Thursday

May 2, 2024

7:00 a.m.

Registration

7:00 a.m.

Breakfast

9:00 a.m.

Welcome Address

Michael Daniel, CTA

9:05 a.m.

Opening Keynote: Staying Ahead of State-Sponsored Cyber Threats: Insights, Techniques and Collaborative Defense

Michael Sikorski, Palo Alto Networks

9:30 a.m.

Hospitals, Airports, and Gas Stations — Modern Approach to Attributing Hacktivism Attacks Itay Cohen, Check Point Research

10:00 a.m.

SugarGh0st Attacks Uzbekistan Government and South Korea Asheer Malhotra, Cisco

10:30 a.m.

Coffee Break

11:00 a.m.

Telekopye: Professional Scamming by Putting a Mammoth in a Chamber Full of Neanderthals’ Secrets Righard Zwienenberg, ESET

11:30 a.m.

Global Insight into Changing Ransomware Techniques Brian Bartholomew, Rapid7

12:00 p.m.

Living Off the Land and in Your Routers Joseph Szczerba, FBI, and Bobby Thompson, CISA

12:30 p.m.

Lunch

2:00 p.m.

Open by Default: The Hidden Cost of Convenience in Network Security Aurelio Picon Lopez, CUJO AI

2:30 p.m.

From Exploits to Extortion: The Comprehensive Shift in Ransomware Strategies Clint Patterson & Doel Santos, Palo Alto Networks

3:00 p.m.

Visualize Breaches with Attack Flow Mark Haase, MITRE CTID

3:30 p.m.

Coffee Break

4:00 p.m.

How to Kill a Zombie: The Last Farewell to the Mozi Botnet Ivan Besina, ESET

4:30 p.m.

Closing Keynote: Creating Incentives for Improved Cybersecurity James Lewis, CSIS, & Jake Olcott, BitSight

7:00 p.m.

Gala Dinner

03

Friday

May 3, 2024

7:30 a.m.

Breakfast

8:00 a.m.

Registration

9:00 a.m.

Welcome Address

Michael Daniel, CTA

9:05 a.m.

Opening Keynote: Connecting Research to Cybersecurity Policy

Eric Goldstein, Executive Assistant Director for Cybersecurity (CSD)

9:30 a.m.

Unmasking UNC4841: Inside PRC Espionage Operations John Palmisano & Austin Larsen, Mandiant

10:00 a.m.

Direct-to-Consumer: A New (and Concerning) Ransomware Tactic Patrick Austin, Woods Rogers Vandeventer Black

10:30 a.m.

Coffee Break

11:00 a.m.

AI-Enhanced Cybercrime Landscape: Challenges, Theories, and Realities Luis Corrons, Gen

11:30 a.m.

Don’t Let the Importance of Cybersecurity PASS You By Jonathan Braley, IT-ISAC

12:00 p.m.

Leveraging Partnerships to Fight Cyber Criminals Stephanie Walker, FBI

12:30 p.m.

Lunch

2:00 p.m.

YoroTrooper: From Discovery to Attribution Asheer Malhotra , Cisco Talos

2:30 p.m.

From Credential Phishing to BEC: Tracking TA4903 Selena Larson, Proofpoint

3:00 p.m.

How to Detect Highly-Evasive Cobalt Strike C2 Traffic Yanhui Jia & Chris Navarrete, Palo Alto Networks

3:30 p.m.

Coffee Break

4:00 p.m.

From Sabotage to Espionage: How Russia’s Cyberwar in Ukraine Has Evolved Robert Lipovsky, ESET

4:30 p.m.

Closing Keynote: Demystifying the Ransomware Payment Ecosystem Taylor Grossman & Trevaughn Smith, Institute for Security and Technology

5:00 p.m.

Closing Wrap Up

Michael Daniel, CTA