Botconf 2023 Thursday | 16:15 – 16:40 Short presentation Tracking Bumblebee’s Development Suweera De Souza 🗣 In March 2022, a new buzz called Bumblebee appeared in the eCrime scene. This loader is built to execute tasks from its command-and-control (C2), and deliver payloads such as CobaltStrike. But its development doesn’t stop there. In the span […]
Tracking Bumblebee’s Development Read More »
Botconf 2023 Thursday | 16:45 – 17:05 Invited talk A student’s guide to free and open-source enterprise level malware analysis tooling Max ‘Libra’ Kersten 🗣 Finding malware is not the difficult part, as it is prevalent due to the widespread malware campaigns which target consumers and companies alike. Samples are available in multitudes on sample
A student’s guide to free and open-source enterprise level malware analysis tooling Read More »
Botconf 2023 Wednesday | 11:55 – 12:25 Long presentation RAT as a Ransomware – An Hybrid Approach Nirmal Singh 🗣 | Avinash Kumar 🗣 | Niraj Shivtarkar In the last few years we have seen a substantial growth in the Malware-as-a-Service (MaaS) market, this revenue model generates a high income revenue stream for the malware developers and also makes
RAT as a Ransomware – An Hybrid Approach Read More »
Botconf 2023 Wednesday | 12:30 – 12:55 Short presentation A dissection of the KmsdBot Larry W. Cashdollar 🗣 | Allen West 🗣 The presentation will document the KmsdBot discovered and documented by Larry Cashdollar and Allen West. We will discuss the initial discovery, static and dynamic code analysis, some reverse engineering techniques in regard to Go lang
A dissection of the KmsdBot Read More »
Botconf 2023 Wednesday | 14:00 – 14:45 Keynote Security Implications of QUIC Paul Vixie 🗣 | Ben April The Internet has long served as the Web’s communications substrate, and historically that has meant TCP/IP. TCP is a clear text reliable stream protocol which predates the Web by about two decades and is usually implemented in the operating
Security Implications of QUIC Read More »
Botconf 2023 Wednesday | 14:50 – 15:30 Long presentation You OTA Know: Combating Malicious Android System Updaters Łukasz Siewierski 🗣 | Alec Guertin 🗣 Over-the-air (OTA) updates are a crucial part of the Android operating system. The updates are signed and applied by the operating system, but the process of checking for new updates, downloading the files
You OTA Know: Combating Malicious Android System Updaters Read More »
Botconf 2023 Thursday | 15:25 – 15:45 Short presentation The Case For Real Time Detection of Data Exchange Over the DNS Protocol Yarin Ozery 🗣 Data exfiltration and detection has been the subject of lots of research in recent years. DNS exfiltration is the process of abusing the DNS protocol, originally designed for hostname resolving,
The Case For Real Time Detection of Data Exchange Over the DNS Protocol Read More »
Botconf 2023 Friday | 09:30 – 09:55 Short presentation From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis Ronan Mouchoux 🗣 | François Moerman 🗣 This presentation describes a system ingesting natural language threat report using Natural Language Processing to generate a graph-based model using the
Botconf 2023 Friday | 10:00 – 10:30 Long presentation Boss, our data is in Russia – a case-based study of employee criminal liability for cyberattacks Luca Brunoni 🗣 | Olivier Beaudet-Labrecque 🗣 | Renaud Zbinden This presentation discusses employee liability in the context of cyber-attacks, with a focus on ransomware cases. We aim to present a series of case
Botconf 2023 Friday | 10:35 – 11:05 Long presentation Asylum Ambuscade: Crimeware or cyberespionage? Matthieu Faou 🗣 Asylum Ambuscade is a threat group that came under research scrutiny after it targeted European government personnel in late February 2022, just after the beginning of the Russia-Ukraine war. During the intervening months, dozens of different threat actors
Asylum Ambuscade: Crimeware or cyberespionage? Read More »