Infosec In the City, SINCON 2025 Conference

⚠️ You need a SINCON 2025 conference ticket to attend the conference. RSVP here on Meetup.com doesn't grant you access to the conference. ✨ Get your tickets at https://event.cybersecuritysg.com/39kL3✨

Dive into the forefront of cybersecurity at SINCON 2025, the premier conference for cybersecurity professionals, practitioners, and enthusiasts seeking to expand their expertise and network with industry leaders. This year’s SINCON promises an unparalleled lineup of sessions that cater to every aspect of the cybersecurity realm.

Why Attend?

• Learn From the Best: Engage with world-class experts delivering deep-dive sessions on cutting-edge topics.
• Hands-On Experience: Participate in interactive workshops designed to challenge and refine your technical skills.
• Breakthrough Insights: Discover the latest research and trends from experts tackling the most pressing cyber threats.
• Expand Your Network: Connect with fellow practitioners, thought leaders, and innovators in the cybersecurity community.
• Career Advancement: Equip yourself with knowledge, insights, and skillsets that could propel your portfolio to new heights.

SINCON is not just another cybersecurity conference; it is a an experience where practical knowledge meets real-world problem-solving. Whether you’re an experienced professional or an aspiring cybersecurity expert, SINCON 2025 will push you beyond the boundaries of your day-to-day work and inspire you to reach new levels of mastery.

Featured Talks:

Keynote: "NATO 360 Degree Approach to Security & the Cooperation with Partners" by Pietro De Matteis

Abstract
NATO is a regional organisation focusing on the security and defence of the transatlantic space. As threats become increasingly interconnected, NATO's engagement and cooperation with partners across the globe are essential to enhance our collective resilience. The intervention will explore NATO’s evolving 360-degree security approach, emphasizing its strategic cooperation with Indo-Pacific partners and approach to cyber defence. The session highlights key initiatives and joint efforts that enhance interoperability and deterrence in an era of multidimensional and interconnected challenges.

"Anti Confiture: An Otter Has A Sweet Tooth" by Masaya Motoda & Rintaro Koike

⚠️ THIS TALK IS TLP:RED ⚠️
This session is classified as TLP:RED under the Traffic Light Protocol. The information shared is strictly confidential and not to be shared outside of this session.

Abstract
WaterPlum is a threat group attributed to North Korea and is also referred to as UNC5342 or Famous Chollima. The group conducts attacks with the primary goal of financial gain, targeting financial institutions, cryptocurrency businesses, and FinTech companies worldwide. Since around 2023, WaterPlum has been using malware known as BeaverTail and InvisibleFerret, but in September 2024, they began deploying a new malware strain. We have identified this malware as OtterCookie.
In this presentation, we will first examine how WaterPlum utilises OtterCookie, including its attack flow and capabilities. Next, we will provide a detailed analysis of OtterCookie's C&C servers, revealing a critical bug present in the infrastructure. This bug has allowed us to gain insights into how WaterPlum develops and operates OtterCookie, offering a deeper understanding of their activities. Finally, we will compare our findings with prior research, demonstrating that our insights are consistent with reports from other organisations.
Through this presentation, the audience will gain a comprehensive understanding of OtterCookie, WaterPlum's latest malware, and an inside look into WaterPlum's operational tactics. This knowledge will be invaluable for SOC, IR, and CSIRT professionals in enhancing their defence strategies.

"DarkMesh: A Knowledge Graph-Enhanced Blue Team Monitoring Tool for Telegram" by Yuki Hung

Abstract
In today’s cybersecurity landscape, many criminal groups leverage Telegram as a platform for community management and instant messaging, facilitating the announcement and discussion of illicit activities. Telegram groups are flooded with a vast amount of messages, much of which are noise. This project aims to develop a system for securely monitoring and analyzing discussion content within Telegram groups. Our primary objective is to transform chaotic and large chat data into valuable intelligence that can assist organizations and blue teams in threat prevention. We propose to achieve this through the following approaches:
Secure Data Acquisition: Designing an operational security (OpSec) process that enables safe and covert infiltration into Telegram groups associated with potential criminal activities.
Knowledge Graph Construction: Employing techniques such as knowledge graphs and large language models (LLMs) to convert chat data into visualized relational networks, allowing blue team members to grasp complex interaction patterns intuitively.
Messages to Threads to Articles: Automatically extracting relevant topics from extensive conversation records, reorganizing them into thematic conversation threads, and ultimately generating comprehensive reports. These reports will help organizations rapidly identify threatening content and emerging trends.
This system is expected to significantly reduce the reliance on human resources, enabling blue teams to respond more efficiently to the cyber threat landscape and to develop more robust defense strategies.

... and SO much more!

🔥🔥 Check out the complete schedule here: https://www.infosec-city.com/schedule/sin25-con

Join us for a transformative experience that will redefine the way you approach cybersecurity. Secure your spot at SINCON 2025 and be part of the vanguard shaping the future of our digital world.

✨ Get Your Tickets Now! [https://event.cybersecuritysg.com/39kL3 ](https://event.cybersecuritysg.com/39kL3) ✨