SAS 2019 to Tackle APTs, Supply Chains and More

2019-04-04T11:00:07
ID THREATPOST:46DFE8C69A81FDD41C7410BB66CF24A9
Type threatpost
Reporter Tom Spring
Modified 2019-04-04T11:00:07

Description

Kaspersky Lab’s Security Analyst Summit kicks off in Singapore next week, where elite researchers, top cybersecurity firms and global law-enforcement agencies will discuss today’s biggest cybersecurity threats and how best to squash them.

This year marks the first time the global security conference makes its way to Asia Pacific, home to high-tech, wired cities such as Tokyo, Seoul, Hong Kong and Melbourne. Of course, Threatpost will be there and covering the event, filing daily news, podcasts and videos. Dedicated coverage begins in earnest on Tuesday.

The invite-only security conference will be held April 9 -10 and features high-level keynotes from a cadre of Kaspersky Lab researchers, but also the likes of supply-chain expert Joe FitzPatrick with SecuringHardware.com, Maddie Stone, a security engineer with Google’s Android Security team, independent researcher Andrew “bunnie” Huang, Kris McConkey, the lead for PwC’s Cyber Threat Detection and Response team, Staffan Truvé, co-founder and CTO of Recorded Future and dozens more.

What’s the buzz this year? Based on a scan of the agenda and sessions, advanced persistent threat (APT) groups, insecure supply chains, mobile malware and critical infrastructure protection are some of the dominant themes.

Also in the mix, expect Kaspersky researchers to take a deep technical dive into the massive supply chain attack dubbed “ShadowHammer.” Last week, Kaspersky reported hackers infected Asus laptops with malware by hijacking the Asus Live Update software that comes preinstalled on the company’s PCs. The investigation is ongoing, and Kaspersky is expected to release a full report on its findings at SAS 2019.

Another interesting first for SAS includes “SAS Unplugged”, described by conference organizers as a mini-conference geared toward students and budding researchers. The special day of training takes place on April 10 and was designed as a “way to give back to the security research community,” Kaspersky said.

There, cybersecurity experts from Kaspersky Lab, PS&C Group and Cisco Talos will “providing workshops, presentations, technical classes and career advice.”

Researchers will demo a worst-case scenario attack against a car’s Tire Pressure Monitoring System (TPMS) feature during that morning’s training sessions. The vulnerability “could potentially result in harming people and loss of lives,” organizers said.

Also on tap for April 10 is a special business track, focused on “the forces transforming cybersecurity in 2019 and beyond.” It will include sessions a live broadcast cyber-threat presentation and panel debate (moderated by Threatpost’s Tara Seals), featuring Simon Piff, IDC; Alexander Moiseev, Kaspersky Lab; and Juan Andrés Guerrero-Saade, Chronicle Security.