Tag: vb2018

  • VB2018 paper: Draw me like one of your French APTs – expanding our descriptive palette for cyber threat actors

    IT security research stumbled into the world of nation-state intelligence operations more or less by accident. In a now classic VB2015 paper, Juan Andres Guerrero-Saade discussed this shift from security research to intelligence brokerage and what this implied. Juan Andres has been a regular speaker at the VB conference since then, and has given…

  • VB2018 paper: Office bugs on the rise

    A large portion of today’s malware infections use malicious Office documents as a first-stage payload. Typically, the user is tricked into enabling macros or disabling some security protection, after which the next-stage payload is downloaded and executed. However, a different kind of Office malware targets outdated versions of Microsoft Office, which continue to be…

  • VB2018 video: The Big Bang Theory by APT-C-23

    The APT-C-23 group, which targets users in the Middle East and in particular in the State of Palestine, was named and first reported on by 360 in a Chinese language blog post in early 2013. Its campaigns have since been written about by many security vendors, including Palo Alto and Cisco Talos. Check Point…

  • VB2018 paper: Tracking Mirai variants

    The leaking or publishing of malware source code often leads to multiple spin-off families based on the code. Never has this been more clear than in the case of the Mirai Internet of Things (IoT) botnet. Mirai made its name when it was used in some damaging DDoS attacks in the second half of 2016;…

  • VB2018 paper: Hide’n’Seek: an adaptive peer-to-peer IoT botnet

    Until recently IoT botnets mostly consisted of Mirai and its many descendants. However, during 2018 we have seen an increase in the variety of botnets living on the Internet of Things. One prime example is Hide’N’Seek, discovered by Bitdefender in January, which is notable for its use of peer-to-peer for command-and-control communication. Though the botnet’s…
