Does Your Threat Model Consider Country and Culture? A Case Study of Brazilian Internet Banking Security to Show That It Should

This course aims to highlight the importance of considering country and culture in threat modeling, using a case study of Brazilian internet banking security. The learning outcomes include understanding the unique characteristics of the Brazilian scenario that influence the development of threats and targeting of users. Participants will learn about the specific threats faced in Brazil, such as JAVA-based malware and Whatsapp-based banking transactions, and the need for personalized threat models and security evaluations. The course covers topics such as internet banking, desktop clients, file formats, tracking attackers, comparing scenarios, analyzing real datasets, and evaluating Brazilian malware against antiviruses and machine learning. The teaching method involves a case study presentation by an expert in the field. This course is intended for cybersecurity professionals, threat analysts, security researchers, and anyone interested in understanding regionalized threats in the cybersecurity landscape.