BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//cfp.troopers.de//tr26-cfp//speaker//RY3TBP
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-tr26-cfp-RSHZP9@cfp.troopers.de
DTSTART;TZID=CET:20260625T154500
DTEND;TZID=CET:20260625T161500
DESCRIPTION:On-prem ransomware is a crowded business: lots of competition\,
  and when defenders do things right\, backups are hard to kill. That pushe
 s attackers to look for easier wins — and Microsoft 365 is an appealing 
 target. Many organizations still rely mainly on “on-prem era” security
  technologies like AV/EDR\, NGFW\, sandboxes\, or network-based IPS. Those
  tools can be great for endpoints and networks\, but they don’t cover cl
 oud services — which creates a blind spot. And it’s not a small one: M
 icrosoft 365 isn’t a marginal service anymore\, it’s a core part of th
 e infrastructure for a majority of organizations.\n\nI believe cloud-focus
 ed ransomware is coming\, and it’s worth understanding how it could work
  in practice. In this talk I’ll share the current state of the art and h
 ow attackers could evolve it.
DTSTAMP:20260627T175744Z
LOCATION:Track 2
SUMMARY:RansomCloud: Ransomware Operations in Microsoft 365 - Martin Haller
URL:https://cfp.troopers.de/tr26-cfp/talk/RSHZP9/
END:VEVENT
END:VCALENDAR