Hunting and Detecting APTs using Sysmon and PowerShell Logging Botconf 2018 Thursday | 11:10 – 11:50 Tom Ueltschi 🗣 Many security professionals and Blue Team members appreciate a good and detailed written APT report by any renowned security company. This is especially true, if they document and explain some new and stealthy technique that was […]
Hunting and Detecting APTs using Sysmon and PowerShell Logging Read More »
Everything Panda Banker Botconf 2018 Thursday | 14:40 – 15:10 Dennis Schwarz 🗣 The Panda Banker malware was first spotted in the wild in early 2016. It has since seen consistent development, gained a significant threat actor user base, and has become one of the most advanced and persistent banking malwares in the current threat
Everything Panda Banker Read More »
Internals of a Spam Distribution Botnet Botconf 2018 Thursday | 09:00 – 09:50 Jose Miguel Esparza 🗣 Cybercriminals use different methods to distribute malware like malicious advertisements, Exploit Kits, loaders or spam campaigns. Unless an attack is really targeted the bad guys will try to infect as many computers as possible and they need some
Internals of a Spam Distribution Botnet Read More »
The Dark Side of the ForSSHe Botconf 2018 Thursday | 16:30 – 17:20 Romain Dumont 🗣 | Hugo Porcher 🗣 In February 2014, ESET researchers from Montreal published a report on a group who compromised more than 40,000 Linux servers worldwide since 2011. ESET named this campaign Windigo. At the centre of this operation, Ebury, an OpenSSH
The Dark Side of the ForSSHe Read More »
Mirai: Beyond the Aftermath Botconf 2018 Friday | 10:10 – 10:40 Rommel Joven 🗣 | David Maciejak | Jasper Manuel Two years have passed since Mirai unleashed its wrath to the world by targeting high profile victims. Many things have happened since then, the good, the author responsible has already been convicted, the bad, source code was released to
Mirai: Beyond the Aftermath Read More »
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Botconf 2018 Friday | 11:10 – 11:50 Piotr Białczak 🗣 When we analyze malware C&C network traffic we often see that it contains HTTP protocol. Sometimes the messages are obfuscated and sometimes sent as plain text. They can be intentionally crafted to look
Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features Read More »
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Botconf 2018 Thursday | 10:20 – 10:50 Nirmal Singh 🗣 | Deepen Desai 🗣 | Tarun Dewan 🗣 Malicious office documents have become a favorite malware delivery tool for malware authors. We have observed an increase in use of malicious documents over past 4 years. 30% of the
Stagecraft of Malicious Office Documents – A Look at Recent Campaigns Read More »
Let’s Go with a Go RAT! Botconf 2018 Friday | 11:50 – 12:20 Yoshihiro Ishikawa 🗣 | Shinichi Nagano 🗣 The Go language (GoLang) is an open source programming language developed by Google Inc. in 2009, and it can be run on various platforms such as Linux, Mac, Windows, Android.Speaking of malware using Golang, Mirai is one
Let’s Go with a Go RAT! Read More »
Judgement Day Botconf 2018 Thursday | 15:10 – 16:00 Thomas Siebert 🗣 – Suspsense 🙂 Edit
Tracking Actors through their Webinjects Botconf 2018 Friday | 12:20 – 13:00 James Wyke 🗣 Webinjects have been a feature of banking malware ever since they were popularised with great success by early families such as Zeus. In that time writing Webinjects has become a highly specialized skill with off-the-shelf Webinjects systems becoming as popular
Tracking Actors through their Webinjects Read More »