Snoring Is Optional: The Metrics and Economics of Cyber Insurance for Malware Related Claims Botconf 2016 Wednesday | 16:55 – 17:35 Wayne Crowder 🗣 Insurance addresses the economics of security on the internet. Cyber insurance is sold to companies as a way to offset the risk and costs of a security incident. Governments, large enterprises […]
Hunting Droids from the Inside Botconf 2016 Wednesday | 17:40 – 18:20 Łukasz Siewierski 🗣 This talk will be a survey of different potentially harmful applications (PHAs), botnets and malware campaigns on Android that we encountered in 2016. I’ll walk through a variety of different malicious apps, explain the malware authors’ objectives and the techniques
Hunting Droids from the Inside Read More »
Ransomware & Beyond Botconf 2016 Thursday | 09:00 – 09:40 Christiaan Beek 🗣 Edit PDF
Ransomware & Beyond Read More »
Attacking Linux/Moose 2.0 Unraveled an EGO MARKET Botconf 2016 Thursday | 09:45 – 10:35 Masarah Paquet-Clouston 🗣 | Olivier Bilodeau 🗣 Want to give your blog a push or your “gun show” more views? Then why not buy 50,000 fake followers for $1,000! Click farms from down South or botnets such as Game over Zeus will be
Attacking Linux/Moose 2.0 Unraveled an EGO MARKET Read More »
Tracking Exploit Kits Botconf 2016 Thursday | 11:00 – 11:50 John Bambenek 🗣 Despite the ever growing number of malware families, botnets and criminal campaigns; there is only a defined few means by which malware can find its victims. This talk will be a deep dive into tracking exploit kits and the infrastructure behind them.
Tracking Exploit Kits Read More »
Improve DDoS Botnet Tracking With Honeypots Botconf 2016 Thursday | 11:50 – 12:20 Ya Liu 🗣 | Wenji Qu DDoS botnet tracking can be used to watch botnet assisted attacks in real time together with the details including the botnet families, C&C servers, attack types, and attack parameters. Such information helps us to learn current DDoS attacks
Improve DDoS Botnet Tracking With Honeypots Read More »
Function Identification and Recovery Signature Tool Botconf 2016 Thursday | 12:20 – 12:50 Angel Villegas 🗣 Reverse Engineering benign or malicious samples can take a considerable amount of time and new samples are created daily. Leveraging disassemblers, like IDA Pro, a reverse engineer can analyze the same routines across several samples over the lifetime of
Function Identification and Recovery Signature Tool Read More »
Advanced Incident Detection and Threat Hunting using Sysmon (and Splunk) Botconf 2016 Thursday | 14:00 – 14:35 Tom Ueltschi 🗣 Enterprises and organizations of all sizes are struggling to prevent and detect all malware attacks and advanced adversary actions inside their networks in a timely manner. Prevention focused technology hasn’t been good enough to prevent
Advanced Incident Detection and Threat Hunting using Sysmon (and Splunk) Read More »
How Does Dridex Hide Friends? Botconf 2016 Thursday | 14:40 – 15:00 Paul Rascagnères 🗣 | Sébastien Larinier 🗣 | Alexandra Toussaint 🗣 During an incident, CERT Sekoia investigated fraudulent money transfers. These transfers were made from a French firm account to other bank accounts based in different places in Europe. The fraud has been valued at 800 000
How Does Dridex Hide Friends? Read More »
A Tete-a-Tete with RSA Bots Botconf 2016 Thursday | 15:05 – 15:35 Jens Frieß 🗣 | Laura Guevara 🗣 The expansion and specifically the sophistication of botnets has brought with it an increased use of cryptography for safe-guarding communication channels between bots and their command-and-control instances. Asymmetric encryption (or public-key cryptography) currently poses a major challenge for
A Tete-a-Tete with RSA Bots Read More »