Hiren Sadhwani
Cyber Threat Hunter
Inspira Enterprise
Hiren Sadhwani, Sr Threat Hunter at Inspira Enterprise, specializes in DFIR, threat intelligence, and hunting. Ex-PwC & Forescout, he has helped Fortune 500 orgs defend against threats and has spoken at the SANS Ransomware & Blue Team Summits.
Speaker sessions
Beyond Phishing: Hunting Modern Initial Access via Social Engineering and SEO Tricks
As defenders get better at blocking traditional phishing and malware, attackers are shifting tactics — focusing on trust exploitation, platform impersonation, and search engine abuse to gain initial access. In this talk, we'll focus on three emerging techniques that are being increasingly seen in the wild:

- ClickFix Attacks – where users are tricked into clicking fake “remediation” buttons sent via email, leading to credential theft or remote access tool drops.
- Email Bombing + Helpdesk/Teams Impersonation – attackers flood inboxes to hide legitimate alerts, then impersonate internal IT or helpdesk to trick users into giving access.
- SEO Poisoning – malicious actors poison Google/Bing results with fake software updates or cracked tools that deliver malware on download.

For each of these techniques, we'll walk through:

- Real-world attack examples and payload delivery methods
- How adversaries exploit trust and urgency
- Technical attack flow (from delivery to execution)
- Threat hunting strategies using various log sources
- Example KQL and Sigma detection queries
- Actionable recommendations for prevention and detection

Whether you're part of a SOC, detection engineering team, or a CTI unit, this talk will equip you with practical insights to detect these modern access techniques before they escalate.
- 16:20
- Wed
- 03 Dec
Stage: Briefings 2
Sessions Type: Presentation