Getting Your Hands Dirty: How to Analyze the Behavior of Malware Traffic and Web Connections Botconf 2016 Tuesday | 14:00 – 17:30 Veronica Valeros 🗣 | Sebastián García 🗣 Nowadays there are a lot of tools to analyze traffic, but the most important thing to have is the experience and knowledge of a malware analyst. The goal […]
Locky, Dridex, Necurs: the evil triad Botconf 2016 Wednesday | 11:20 – 12:00 Jean-Michel Picod 🗣 While Locky and Dridex inner working are well understood as they have been on the news all year long, how their distribution system operate is still relatively unknown as it is only seen by email providers.In this talk we
Locky, Dridex, Necurs: the evil triad Read More »
Visiting the Bear’s Den Botconf 2016 Wednesday | 12:05 – 12:55 Jessy Campos 🗣 | Joan Calvet 🗣 Sednit, a.k.a. Fancy Bear/APT28/Sofacy, is a group of attackers operating since at least 2004 and whose main objective is to steal confidential information from specific targets. Over the past two years, this group’s activity increased significantly, in particular with
Visiting the Bear’s Den Read More »
LURK – The Story about Five Years of Activity Botconf 2016 Wednesday | 14:00 – 14:30 Vladimir Kropotov 🗣 | Fyodor Yarochkin 🗣 Lurk activity was solely in Russia slince late 2011, but the technologies they use became noisy, when it appeared in the “World Market” years later. We were able to track activity despite the low
LURK – The Story about Five Years of Activity Read More »
Browser-based Malware: Evolution and Prevention Botconf 2016 Wednesday | 14:35 – 15:05 Andrey Kovalev 🗣 | Evgeny Sidorov 🗣 Nowadays web technologies allow users to make a lot of their work online. Cloud services, social networks, online games etc. are gaining more and more popularity and are replaicing desktop applications and offline stuff. Web-browsers also offer special
Browser-based Malware: Evolution and Prevention Read More »
Language Agnostic Botnet Detection Based on ESOM and DNS Botconf 2016 Wednesday | 15:10 – 15:30 Christian Dietz 🗣 | Rocco Mandrysch 🗣 | Urs Anliker | Gabi Dreo Botnets enable various cyber-criminal activities, like DDoS, banking fraud, data theft and extortion. Current botnet detection approaches face many challenges, for example, peer-to-peer infrastructures and domain fast-flux or encrypt the command and
Language Agnostic Botnet Detection Based on ESOM and DNS Read More »
Just a normal phishing Botconf 2017 Lightning talks Peter Wälti 🗣 Edit
Just a normal phishing Read More »
Context enrichment in IR Botconf 2017 Lightning talks Antoine Méric 🗣 Edit
Context enrichment in IR Read More »
Yet another sandbox evasion Botconf 2017 Lightning talks 0xMitsurugi 🗣 Edit
Yet another sandbox evasion Read More »