Botconf 2017

Augmented Intelligence to Scale Humans Fighting Botnets

Botconf 2017 | Thursday | 16:00 – 16:30

Yuriy Yuzifovich 🗣 | Hongliang Liu | Alexey Sarychev | Amir Asiaee

We propose and implement a novel method of discovering botnet activities by identifying new core domains (domains that are directly below a TLD) that appear in real-time DNS query traffic as suspicious, and discovering botnet […]


Stantinko: a Massive Adware Campaign Operating Covertly since 2012

Botconf 2017 | Thursday | 16:30 – 17:30

Matthieu Faou 🗣 | Frédéric Vachon 🗣

Stantinko is a botnet that we estimate infects around half a million machines mainly located in the Russian Federation and Ukraine. In addition to its prevalence, Stantinko stands out because of its use of


How to Compute the Clusterization of a Very Large Dataset of Malware with Open Source Tools for Fun & Profit?

Botconf 2017 | Wednesday | 10:30 – 11:10

Robert Erra 🗣 | Sébastien Larinier 🗣 | Alexandre Letois | Marwan Burelle

Malware are now developed at an industrial scale and human analysts need automatic tools to help them. We propose here to present


Malware, Penny Stocks, Pharma Spam — Necurs Delivers

Botconf 2017 | Friday | 14:00 – 14:30

Jaeson Schultz 🗣 | Warren Mercer | Edmund Brumaghin | Nick Biasini

Email threats have always been a major part of the threat landscape. As the use of exploit kits and other malware distribution techniques has decreased, malicious spam campaigns play an even greater role in


KNIGHTCRAWLER, « Discovering Watering-holes for Fun, Nothing. »

Botconf 2017 | Thursday | 09:30 – 09:50

Félix Aimé 🗣

How to find watering holes (aka. Strategic Web Compromise – SWC) from your bedroom? At the intersection between geopolitics and technology, « KNIGHTCRAWLER » is a personal project developed to find some malicious activities on several thousand


Botnet Tracking and Data Analysis Using Open-Source Tools

Botconf 2017 | Tuesday | 14:00 – 18:00

Olivier Bilodeau 🗣 | Masarah Paquet-Clouston 🗣

Fully understanding a botnet often requires a researcher to go beyond standard reverse-engineering practice and explore the malware’s network traffic. The latter can provide meaningful information on the evolution of a malware’s activity. However, it


Cyber Threat Intel & Incident Response with TheHive, Cortex & MISP

Botconf 2017 | Tuesday | 14:00 – 18:00

Raphaël Vinot 🗣 | Saâd Kadhi 🗣 | Jérôme Leonard 🗣

Agenda: Cyber Threat Intel & Incident Response in 2017 MISP, TheHive & Cortex Overview, Installing & configuring the product stack … Bringing it all together An IR case study, Dealing


Python and Machine Learning: How to Clusterize a Malware Dataset

Botconf 2017 | Tuesday | 14:00 – 18:00

Sébastien Larinier 🗣

The goal of this workshop is to present how to use Python to make machine learning. We take examples of security data like malware and we explain how to transform data to use algorithms of

