Botconf 2018

APT Attack against the Middle East: The Big Bang

Botconf 2018 | Wednesday | 11:00 – 11:30 | Aseel Kayal, Lotem Finkelstein

Over the past few weeks, we discovered the comeback of an APT attack against the Middle East, and specifically against the Palestinian Authority. The APT group behind this attack launched a campaign over a

Cutting the Wrong Wire: how a Clumsy Attacker Revealed a Global Cryptojacking Campaign

Botconf 2018 | Wednesday | 12:30 – 12:50 | Renato Marinho

We have seen a massive spike in malicious crypto mining campaigns killing themselves for the chance to have their victim’s CPU. The shorter and shorter time window between vulnerability disclosure and cryptojacking

Botception: Botnet distributes script with bot capabilities

Botconf 2018 | Thursday | 09:50 – 10:20 | Jan Sirmer, Adolf Středa

Monitoring botnets is a crucial component of cybersecurity, but it’s not every day we see a botnet spreading scripts with bot capabilities. At the end of April 2018, while monitoring one of the branches of the Necurs

Hunting and Detecting APTs using Sysmon and PowerShell Logging

Botconf 2018 | Thursday | 11:10 – 11:50 | Tom Ueltschi

Many security professionals and Blue Team members appreciate a good, detailed written APT report from any renowned security company. This is especially true if they document and explain some new and stealthy technique that was

Leaving no Stone Unturned – in Search of HTTP Malware Distinctive Features

Botconf 2018 | Friday | 11:10 – 11:50 | Piotr Białczak

When we analyze malware C&C network traffic we often see that it contains HTTP protocol. Sometimes the messages are obfuscated and sometimes sent as plain text. They can be intentionally crafted to look
