Editorial team

A student’s guide to free and open-source enterprise level malware analysis tooling

Botconf 2023, Thursday | 16:45 – 17:05 | Invited talk | Max ‘Libra’ Kersten 🗣

Finding malware is not the difficult part, as it is prevalent due to the widespread malware campaigns which target consumers and companies alike. Samples are available in multitudes on sample […]

RAT as a Ransomware – An Hybrid Approach

Botconf 2023, Wednesday | 11:55 – 12:25 | Long presentation | Nirmal Singh 🗣 | Avinash Kumar 🗣 | Niraj Shivtarkar

In the last few years we have seen substantial growth in the Malware-as-a-Service (MaaS) market. This revenue model generates a high-income revenue stream for the malware developers and also makes

You OTA Know: Combating Malicious Android System Updaters

Botconf 2023, Wednesday | 14:50 – 15:30 | Long presentation | Łukasz Siewierski 🗣 | Alec Guertin 🗣

Over-the-air (OTA) updates are a crucial part of the Android operating system. The updates are signed and applied by the operating system, but the process of checking for new updates, downloading the files

From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis

Botconf 2023, Friday | 09:30 – 09:55 | Short presentation | Ronan Mouchoux 🗣 | François Moerman 🗣

This presentation describes a system that ingests natural language threat reports, using Natural Language Processing to generate a graph-based model using the

Boss, our data is in Russia – a case-based study of employee criminal liability for cyberattacks

Botconf 2023, Friday | 10:00 – 10:30 | Long presentation | Luca Brunoni 🗣 | Olivier Beaudet-Labrecque 🗣 | Renaud Zbinden

This presentation discusses employee liability in the context of cyber-attacks, with a focus on ransomware cases. We aim to present a series of case

Asylum Ambuscade: Crimeware or cyberespionage?

Botconf 2023, Friday | 10:35 – 11:05 | Long presentation | Matthieu Faou 🗣

Asylum Ambuscade is a threat group that came under research scrutiny after it targeted European government personnel in late February 2022, just after the beginning of the Russia-Ukraine war. During the intervening months, dozens of different threat actors

When a botnet cries: detecting botnets infection chains

Botconf 2023, Friday | 11:30 – 12:10 | Long presentation | Erwan Chevalier 🗣 | Guillaume Couchard 🗣

Infection chains used by commodity malware are frequently evolving and are using various tricks to bypass security measures and/or user awareness. BumbleBee, QNAPWorm, IcedID, and Qakbot, all of these wicked threats are frequently

Tracking residential proxies (for fun and profit)

Botconf 2023, Friday | 12:15 – 12:45 | Long presentation | Paweł Srokosz 🗣 | Michał Praszmo 🗣

Responding to the incidents as a Polish national CERT, we very often come across attackers using proxies and/or VPNs to hide their identity. While distinguishing well-known IP sources such as NordVPN or TOR has
