Botconf 2023 Thursday | 11:10 – 11:55 Long presentation Yara Studies: A Deep Dive into Scanning Performance Dominika Regéciová 🗣 You probably know this scenario – you spent a while analyzing new samples, which was not easy, but you’re finally done. You also created a neat Yara rule to match the samples, and you’re ready […]
Yara Studies: A Deep Dive into Scanning Performance Read More »
Botconf 2023 Thursday | 12:00 – 12:40 Long presentation MCRIT: The MinHash-based Code Relationship & Investigation Toolkit Daniel Plohmann 🗣 | Daniel Enders | Manuel Blatt Ever since launching Malpedia [1] at Botconf 2017, we continuously maintained and expanded our community-driven data set with the vision of exploring new ways to leverage it effectively for the research of and
MCRIT: The MinHash-based Code Relationship & Investigation Toolkit Read More »
Botconf 2023 Thursday | 14:00 – 14:45 Long presentation Operation drIBAN: insight from modern banking frauds behind Ramnit Federico Valentini 🗣 | Alessandro Strino 🗣 During the last three years, we have tracked and closely analyzed a specific TA, intending to infect Windows workstations on corporate environments trying to alter legitimate banking transfers performed by the victims.
Operation drIBAN: insight from modern banking frauds behind Ramnit Read More »
Botconf 2023 Thursday | 14:50 – 15:20 Long presentation Catching the Big Phish: Earth Preta Targets Government, Educational, and Research Institutes Around the World Nick Dai 🗣 | Vickie Su | Sunny W Lu We have been monitoring a wave of spear-phishing attacks targeting the government, academic, foundations, and research sectors around the world. Based on the lure documents
Botconf 2023 Wednesday | 11:20 – 11:50 Short presentation Perfect Smoke and Mirrors of Enemy: Following Lazarus group by tracking DeathNote campaign Seongsu Park 🗣 Prime suspects behind the Sony Pictures Entertainment cyberattack, Wannacry outbreak are a hacker collective known as Lazarus Group with associations with the Pyongyang regime. This notorious adversary is one of
Botconf 2023 Tuesday | 13:00 – 16:30 Workshop Using systematic code reuse analysis to create robust YARA rules Jonas Wagner 🗣 | Carlos Rubio Ricote 🗣 | David Pastor Sanz 🗣 YARA is a commonly used tool to detect and identify malware. There are roughly two types of YARA rules used on binary files: 1) based on metadata and
Using systematic code reuse analysis to create robust YARA rules Read More »
Botconf 2023 Tuesday | 12:30 – 18:00 Workshop Malware forensics from a distance Vitaly Kamluk 🗣 | Nicolas Collery 🗣 This workshop aims to share knowledge of live triage and analysis of remote compromised systems to assist incident response, digital forensics, or malware discovery and in-place analysis. There are many other applications of the techniques and tools
Malware forensics from a distance Read More »
Botconf 2023 Tuesday | 12:30 – 18:00 Workshop One SMALI step for man, one giant step for researchers Gabriel Cirlig 🗣 This will be a simple and short introduction into Android reverse engineering, taking the student from zero to hero. No previous reversing knowledge is required and all of the tools will be provided in
One SMALI step for man, one giant step for researchers Read More »
Digital threats against civil society in the rest of the world Botconf 2023 Wednesday2023-04-22 | 16:00 – 16:30 Martijn Grooten 🗣 This presentation will discuss digital threats against civil society groups outside the West: journalists and independent media organizations, human rights activists, defenders of minorities’ rights, women’s rights organizations etc. On top of the digital
Digital threats against civil society in the rest of the world Read More »
Cyber Swachhta Bharat- India’s answer to botnet and malware ecosystems? Botconf 2023 Wednesday2023-04-22 | 16:35 – 17:00 Pratiksha Ashok 🗣 In 2014, the Government of India launched its Swachh Bharat Abhiyan (Clean India Mission). Phase 2 of this mission began in 2020 to cement the progress of Phase 1. The mission to clean India was
Cyber Swachhta Bharat- India’s answer to botnet and malware ecosystems? Read More »