Infotrust and CrowdStrike will host a joint customer event in Melbourne on Thursday 31st of July 2025, at WeWork Offices, 120 Spencer Street, Level 22, Training Room 22A. This exclusive technical event on CrowdStrike NG-SIEM includes an immersive threat hunting experience in which participants use the CrowdStrike platform to track and disrupt CURLY SPIDER, a sophisticated adversary known for its aggressive social engineering tactics and rapid lateral movement.
The hands-on experience will challenge participants to uncover and neutralise an active attack, leveraging the Falcon Next-Gen SIEM’s powerful analytics, threat intelligence, and automated response capabilities.
CURLY SPIDER, a financially motivated threat actor, has evolved its initial access methods—once reliant on Citrix exploits, now favouring social engineering attacks. This adversary floods inboxes with phishing emails before launching voice phishing (vishing) attacks, impersonating IT support to convince users to install Remote Monitoring and Management (RMM) tools like AnyDesk. Once inside, they execute credential theft, lateral movement, and data exfiltration, often using curl.exe to pull additional payloads.
Goran Lepan (Manager, Sales Engineering, Infotrust)
Ashley Eksteen (Solution Architect, Australia, CrowdStrike)
Sandeep Karwall (Channel Solution Architect, CrowdStrike)
Ingest and analyse real-world adversary activity, correlating endpoint, identity, email, and network telemetry to uncover signs of compromise.
Investigate an insider attack scenario, pivoting from email-based reconnaissance to RMM tool deployment and C2 beaconing using advanced event searches.
Hunt for adversary techniques including spam flooding, unauthorized credential use, and identity-based attacks.
Leverage Falcon Intelligence to enrich incidents with real-time threat actor insights, linking tactics to CURLY SPIDER’s known behaviour.
Execute rapid response actions with Falcon Fusion SOAR, automating containment for compromised accounts, blocking malicious IPs at the firewall, and disrupting adversary persistence.
Apply advanced threat hunting techniques to proactively detect stealthy adversary movement before detections are triggered.
Lunch and refreshments will be available and served upon arrival.
Register now for this exclusive event and secure your place among other cyber security professionals. We look forward to seeing you there.