Next talk was business email compromises by Nigerian scammers, Chris Yule (CTU). Covering the GOLD GALEON group, Business email scam methods in steps.
Mention of Park Jin Hyok, North Korea cyber criminal. The FBI inditement document contains many pages of tradecraft, included here: https://assets.documentcloud.org/documents/4834259/Park-Jin-Hyok-Complaint.pdf Attacks of Sony and a UK media firm included. The North Korean NICKEL GLADSTONE (NK) NICKEL CAMBIAN (NK)
COBALT GYPSY (IR) COBALT TRINITY (IR) aka APT33 COBALT URSHIN (IR) COBALT DICKENS (IR) aka Mabna COBALT HUEY (IR)
Solving Phishing - filtering works to a degree. Blue team phishing. Honeytrap accounts on social media are favoured by North Korea.
Attribution helps understand intent. Focus resources. Cluster of TTPs attribution.