Botconf presentation or article

You OTA Know: Combating Malicious Android System Updaters

Botconf 2023 Wednesday  | 14:50 – 15:30 Long presentation You OTA Know: Combating Malicious Android System Updaters Łukasz Siewierski 🗣 | Alec Guertin 🗣 Over-the-air (OTA) updates are a crucial part of the Android operating system. The updates are signed and applied by the operating system, but the process of checking for new updates, downloading the files […]

You OTA Know: Combating Malicious Android System Updaters Read More »

From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis

Botconf 2023 Friday  | 09:30 – 09:55 Short presentation From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis Ronan Mouchoux 🗣 | François Moerman 🗣 This presentation describes a system ingesting natural language threat report using Natural Language Processing to generate a graph-based model using the

From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis Read More »

Boss, our data is in Russia – a case-based study of employee criminal liability for cyberattacks

Botconf 2023 Friday  | 10:00 – 10:30 Long presentation Boss, our data is in Russia – a case-based study of employee criminal liability for cyberattacks Luca Brunoni 🗣 | Olivier Beaudet-Labrecque 🗣 | Renaud Zbinden This presentation discusses employee liability in the context of cyber-attacks, with a focus on ransomware cases. We aim to present a series of case

Boss, our data is in Russia – a case-based study of employee criminal liability for cyberattacks Read More »

Asylum Ambuscade: Crimeware or cyberespionage?

Botconf 2023 Friday  | 10:35 – 11:05 Long presentation Asylum Ambuscade: Crimeware or cyberespionage? Matthieu Faou 🗣 Asylum Ambuscade is a threat group that came under research scrutiny after it targeted European government personnel in late February 2022, just after the beginning of the Russia-Ukraine war. During the intervening months, dozens of different threat actors

Asylum Ambuscade: Crimeware or cyberespionage? Read More »

When a botnet cries: detecting botnets infection chains

Botconf 2023 Friday  | 11:30 – 12:10 Long presentation When a botnet cries: detecting botnets infection chains Erwan Chevalier 🗣 | Guillaume Couchard 🗣 Infection chains used by commodity malware are frequently evolving and are using various tricks to bypass security measures and/or user awareness. BumbleBee, QNAPWorm, IcedID, and Qakbot, all of these wicked threats are frequently

When a botnet cries: detecting botnets infection chains Read More »

Tracking residential proxies (for fun and profit)

Botconf 2023 Friday  | 12:15 – 12:45 Long presentation Tracking residential proxies (for fun and profit) Paweł Srokosz 🗣 | Michał Praszmo 🗣 Responding to the incidents as a Polish national CERT, we very often come across attackers using proxies and/or VPNs to hide their identity. While distinguishing well-known IP sources such as NordVPN or TOR has

Tracking residential proxies (for fun and profit) Read More »

Bohemian IcedID

Botconf 2023 Friday  | 13:45 – 14:25 Long presentation Bohemian IcedID Josh Hopkins 🗣 | Thibault Seret 🗣 This talk provides an insight into Team Cymru’s tracking of IcedID over the past 24 months, following its transition from banking trojan to all-round loader malware. We will demonstrate how we identify potential bot and loader C2 infrastructure through

Bohemian IcedID Read More »

Life on a Crooked RedLine: Analyzing the Infamous InfoStealer’s Backend

Botconf 2023 Friday  | 14:30 – 15:00 Long presentation Life on a Crooked RedLine: Analyzing the Infamous InfoStealer’s Backend Alexandre Côté Cyr 🗣 | Mathieu Lavoie 🗣 RedLine Stealer, first observed in 2020, is one of the most widely known infostealer malware. It operates on a Malware-As-A-Service (MaaS) model and is sold via forums and Telegram where

Life on a Crooked RedLine: Analyzing the Infamous InfoStealer’s Backend Read More »

The Plague of Advanced Bad Bots : Deconstructing the Malicious Bot Problem

Botconf 2023 Friday  | 15:05 – 15:30 Short presentation The Plague of Advanced Bad Bots : Deconstructing the Malicious Bot Problem Yohann Sillam 🗣 Nowadays, advanced bad bots constitute a plague on the Internet. Their threat landscape is very diverse, ranging from massive account creation aimed at influencing state elections to DDoS bots. Advanced bots

The Plague of Advanced Bad Bots : Deconstructing the Malicious Bot Problem Read More »

From GhostNet to PseudoManuscrypt – The evolution of Gh0st RAT

Botconf 2023 Thursday  | 09:00 – 09:40 Long presentation From GhostNet to PseudoManuscrypt – The evolution of Gh0st RAT Jorge Rodriguez 🗣 | Souhail Hammou 🗣 The Gh0st Remote Access Trojan is a long-standing threat dating back to 2001 that is still active to this day. Following its release to the public in 2008 as version 3.6

From GhostNet to PseudoManuscrypt – The evolution of Gh0st RAT Read More »

Scroll to Top