Everything Panda Banker Botconf 2018 Thursday | 14:40 – 15:10 Dennis Schwarz 🗣 The Panda Banker malware was first spotted in the wild in early 2016. It has since seen consistent development, gained a significant threat actor user base, and has become one of the most advanced and persistent banking malwares in the current threat […]
Everything Panda Banker Read More »
Hunting and Detecting APTs using Sysmon and PowerShell Logging Botconf 2018 Thursday | 11:10 – 11:50 Tom Ueltschi 🗣 Many security professionals and Blue Team members appreciate a good and detailed written APT report by any renowned security company. This is especially true, if they document and explain some new and stealthy technique that was
Hunting and Detecting APTs using Sysmon and PowerShell Logging Read More »
Trickbot The Trick is On You! Botconf 2018 Wednesday | 17:20 – 17:50 Floser Bacurio Jr. 🗣 | Joie Salvio 🗣 Bot malware landscape always changes with both new and old families being updated with new techniques to perform cybercrime. And due to their sheer number, manually analysing and tracking them is a tedious affair. This entails
Trickbot The Trick is On You! Read More »
Botception: Botnet distributes script with bot capabilities Botconf 2018 Thursday | 09:50 – 10:20 Jan Sirmer 🗣 | Adolf Středa 🗣 Monitoring botnets is a crucial component of cybersecurity, but it’s not everyday we see a botnet spreading scripts with bot capabilities. At the end of April 2018, while monitoring one of the branches of the Necurs
Botception: Botnet distributes script with bot capabilities Read More »
Cutting the Wrong Wire: how a Clumsy Attacker Revealed a Global Cryptojacking Campaign Botconf 2018 Wednesday | 12:30 – 12:50 Renato Marinho 🗣 We have seen a massive spike in malicious crypto mining campaigns killing themselves for the chance to have their victim’s CPU. The shorter and shorter time window between vulnerability disclosure and cryptojacking
Cutting the Wrong Wire: how a Clumsy Attacker Revealed a Global Cryptojacking Campaign Read More »
APT Attack against the Middle East: The Big Bang Botconf 2018 Wednesday | 11:00 – 11:30 Aseel Kayal 🗣 | Lotem Finkelstein 🗣 Over the past few weeks, we discovered the comeback of an APT attack against the Middle East, and specifically against the Palestinian Authority. The APT group behind this attack launched a campaign over a
APT Attack against the Middle East: The Big Bang Read More »
How many Mirai variants are there? Botconf 2018 Friday | 15:30 – 16:00 Wenji Qu 🗣 | Hui Wang 🗣 Mirai was soon open-sourced after overwhelming several high-profile targets including Krebsonsecurity, OVH, and DYN in Autumn 2016, which leads to a proliferation of Mirai variants in the past 2 years. For better fight against Mirai botnets, effective
How many Mirai variants are there? Read More »
The Snake Keeps Reinventing Itself Botconf 2018 Friday | 14:45 – 15:30 Matthieu Faou 🗣 After having tracked Turla’s activities for several years, we now have a unique understanding of their Tools, Tactics and Procedures (TTPs). In this talk, we would like to share this knowledge to help defenders protect their networks. Turla is an
The Snake Keeps Reinventing Itself Read More »
Triada: the Past, the Present, the (Hopefully not Existing) Future Botconf 2018 Friday | 14:00 – 14:50 Łukasz Siewierski 🗣 Triada is an Android threat known within the malware research field for a couple of years. Despite that, it still remains a very interesting threat as their authors did something very rarely seen in any
Triada: the Past, the Present, the (Hopefully not Existing) Future Read More »
Mirai: Beyond the Aftermath Botconf 2018 Friday | 10:10 – 10:40 Rommel Joven 🗣 | David Maciejak | Jasper Manuel Two years have passed since Mirai unleashed its wrath to the world by targeting high profile victims. Many things have happened since then, the good, the author responsible has already been convicted, the bad, source code was released to
Mirai: Beyond the Aftermath Read More »