Should We Care About Formula Injection?
Should We Care About Formula Injection? Botconf 2022 Lightning talks Austin Turecek 🗣 Edit PDF
Should We Care About Formula Injection? Read More »
Crowdsourcing the demise of Twitter’s business model
Crowdsourcing the demise of Twitter’s business model Botconf 2022 Lightning talks Ivan Kwiatkowski 🗣 Edit PDF
Crowdsourcing the demise of Twitter’s business model Read More »
Advanced Persistent Speaker
Advanced Persistent Speaker Botconf 2022 Lightning talks Tom Ueltschi 🗣 Edit PDF
Advanced Persistent Speaker Read More »
Finding compromised upl.php devices
Finding compromised upl.php devices Botconf 2022 Lightning talks Patrice Auffret 🗣 Edit PDF
Finding compromised upl.php devices Read More »
Fluxxy Dissection
Fluxxy Dissection Botconf 2020 Tuesday | 13:30 – 14:00 Matthieu Kaczmarek 🗣 The first reference to Fluxxy is due to N. Summerlin and B. Porter in 2013 [1]. They describe a network of proxy dedicated to cybercrime operations. While this rogue hosting service has been running for nine years, its intelligence coverage remains low. Fluxxy
Inline Detection of Copy-Paste Botnet C&C
Inline Detection of Copy-Paste Botnet C&C Botconf 2020 Tuesday | 14:00 – 14:30 Jordan Garzon 🗣 | Asaf Nadler 🗣 The source code of botnets is often leaked online and re-used by new botnets. The re-use of source code assists bot-owners in quickly setting up their botnets, but it also inherits similarities to known botnets that can
Inline Detection of Copy-Paste Botnet C&C Read More »
An overview of the Botnet Simulation Framework
An overview of the Botnet Simulation Framework Botconf 2020 Tuesday | 14:30 – 15:00 Leon Böck 🗣 | Shankar Karuppayah | Max Mühlhäuser | Emmanouil Vasilomanolakis Conducting botnet research is oftentimes limited to the anal-ysis of active botnets. This prevents researchers from testing detectionand tracking mechanisms on potential future threats. Specifically in thedomain of P2P botnets, the configuration parameters, network churnand
An overview of the Botnet Simulation Framework Read More »
Your *aaS is on fire, or how threat actors (ab)use cloud providers
Your *aaS is on fire, or how threat actors (ab)use cloud providers Botconf 2020 Tuesday | 15:00 – 15:30 Maciej Kotowicz 🗣 In order to make a successful espionage campaign we need a couple things, one of them is infrastructure for both infection and exfiltration. Nowadays everyone was, is or will be moving their infra
Your *aaS is on fire, or how threat actors (ab)use cloud providers Read More »
Global threat hunting: how to predict attacks at preparation stage
Global threat hunting: how to predict attacks at preparation stage Botconf 2020 Tuesday | 15:30 – 16:00 Rustam Mirkasymov 🗣 During my researches at Group-IB on hacking groups activity I noticed that some trojan families use templates in communication processes and infrastructure used in attacks. The idea is to identify such templates and use them
Global threat hunting: how to predict attacks at preparation stage Read More »
xOSSig : Leveraging OS Diversity to Automatically Extract Malware Code Signatures
xOSSig : Leveraging OS Diversity to Automatically Extract Malware Code Signatures Botconf 2020 Thursday | 14:50 – 16:20 Michael Brengel 🗣 | Christian Rossow 🗣 We present an automated approach to extract code signatures that serve as the forensic fingerprint of a given malware program. Our high-level idea is to compare the memory contents of a sandbox
xOSSig : Leveraging OS Diversity to Automatically Extract Malware Code Signatures Read More »