Botconf 2022

Jumping the air-gap: 15 years of nation-state efforts

Botconf 2022 | Friday | 09:30 – 10:00
Alexis Dorais-Joncas 🗣 | Facundo Munoz 🗣

Air-gapping is used to protect the most sensitive of networks: voting systems, ICSes running power grids, or SCADA systems operating nuclear centrifuges, just to name a few. In the first half of 2020 alone, three […]


How Formbook became XLoader and migrated to macOS

Botconf 2022 | Thursday | 14:45 – 15:15
Alexey Bukhteyev 🗣 | Raman Ladutska 🗣

In this talk we analyze the prevalent malware family Formbook and its successor XLoader from different angles, including the OSINT and technical sides. XLoader is a logical step in Formbook’s evolution; it is now able to


Detecting emerging malware on cloud before VirusTotal can see it

Botconf 2022 | Thursday | 12:10 – 12:40
Anastasia Poliakova 🗣 | Andreas Pfadler 🗣 | Yuriy Yuzifovich | Ali Fakeri-Tabrizi | Gan Feng | Hongliang Liu | Thanh Nguyen

In this session, we will present our approach for detecting newly emerging malware on a cloud platform and predicting its behavior, and doing so before VirusTotal or any


Mastering Advanced Memory Analysis For Fun & Profit

Botconf 2022 | Tuesday | 12:00 – 18:30
Solomon Sonya 🗣

Malware continues to advance in sophistication and prevalence. Well-engineered malware can obfuscate itself from the user, network, and even the operating system running host-based security applications. But one place malware cannot easily hide itself is within volatile


mwdb: open source tools to build your malware analysis pipeline

Botconf 2022 | Tuesday | 14:00 – 18:30
Michał Praszmo 🗣 | Paweł Srokosz 🗣 | Paweł Pawliński 🗣

During almost a decade of our malware analysis experience in cert.pl, we have tried many different approaches. Most of them failed but we have learned a lot about what works and


Remote Threat Reconnaissance

Botconf 2022 | Tuesday | 12:00 – 18:30
Nicolas Collery 🗣 | Vitaly Kamluk 🗣

This workshop aims to share knowledge of live triage and analysis of remote compromised systems to assist incident response, digital forensics, or malware discovery and in-place analysis. There are many other applications of the techniques and tools that the participants

