Badge distribution & Welcome coffee
Botconf 2024 | Wednesday 2024-04-24 | 10:00 – 11:00

3CX: a “mise en abyme” supply chain attack?
Botconf 2024 | Wednesday 2024-04-24 | 11:00 – 11:40
Victorien Fragne 🗣 | Godefroy Galas 🗣
This talk will look back on the 3CX supply chain attack campaign which occurred in March and early April 2023 and consisted in the use of the VoIP 3CX software to achieve one of the

It’s getting cloudy – peering into the recent APT29 activities
Botconf 2024 | Wednesday 2024-04-24 | 11:45 – 12:05
CERT Polska 🗣
As a national CERT, we come across many intriguing malware campaigns targeting Polish organizations and institutions. Last year, we saw several threat actors targeting a number of European embassies and MFAs, but one group

BYOVD Unveiled: Hunting and Exploring Vulnerabilities in Device Drivers
Botconf 2024 | Wednesday 2024-04-24 | 12:10 – 12:40
Nirmal Singh 🗣 | Rajdeepsinh Dodia 🗣
Malicious program authors often exploit vulnerabilities in popular software programs and employ various methods to circumvent security measures such as antivirus software, sandboxing, and intrusion detection systems. Precisely, threat actors have begun using vulnerable

Opera1er: from tracking the threat actor to detaining a criminal behind
Botconf 2024 | Wednesday 2024-04-24 | 14:00 – 14:40
Anton Ushakov 🗣 | Hugo Rifflet 🗣
The topic of this talk covers a technical description of the tactics, techniques, and procedures (TTPs) of the French-speaking financially motivated threat actor, codenamed OPERA1ER (NXSMS), as well as the details of the threat

New Modular Malware RatelS: Shades of PlugX
Botconf 2024 | Wednesday 2024-04-24 | 14:45 – 15:15
Yoshihiro Ishikawa 🗣 | Takuma Matsumoto 🗣
In March 2023, we observed a new APT malware used by an unknown APT actor in several Japanese companies. The malware is a modular remote access trojan (RAT) like PlugX or ShadowPad which have been

Parsing the Unparsable: Turning Analyzers into Victims
Botconf 2024 | Wednesday 2024-04-24 | 15:20 – 15:50
Yusuf Kocadas 🗣 | Furkan Er 🗣
While thinking about how to prevent static analysis on our customers’ applications, I found myself analyzing publicly available APK parsers on GitHub. I have walked through a bunch of issues to see which apps have

Warp’s Enigma: Unraveling a Sophisticated Golang Malware Ecosystem that drops modified Stealerium
Botconf 2024 | Wednesday 2024-04-24 | 17:05 – 17:45
Sathwik Ram Prakki 🗣 | Rayapati Lakshmi Prasanna Sai
The surge in cybercrime ecosystems and underground forums has led to a substantial increase in stealer malware variants, facilitated by Malware-as-a-Service (MaaS) platforms addressing specific needs and vulnerabilities. This

I’m a Bad Noodle!: An Analysis of Noodle RAT Shared among China-nexus Groups
Botconf 2024 | Wednesday 2024-04-24 | 17:50 – 18:30
Hiroaki Hara 🗣
While investigating several incidents, we encountered an undocumented Linux-based backdoor, which we dubbed “Noodle RAT”. This backdoor shares some part of its code with “Rekoobe”, which is a Linux-based backdoor widely used by multiple

WS1 – Writing Configuration Extractors Navigating Challenges in Extracting Malware Artifacts (3h)
Botconf 2024 | Tuesday 2024-04-23 | 14:00 – 17:30
Souhail Hammou 🗣 | Miroslav Stampar 🗣
As reverse engineers, a significant part of our daily work involves writing and maintaining artifact extractors for multiple malware families, ranging from stealers and RATs to loaders and banking trojans. Our