Tag: vb2020
-
VB2020 localhost videos available on YouTube
Today, VB has made all VB2020 localhost presentations available on VB’s YouTube channel , so you can now watch – and share – any part of the conference freely and without registration. The VB2020 / Live track playlist contains the three live broadcasts presented by our host Angela Lamont, each of which features seven presentations and live…
-
VB2020 presentation & paper: 2030: backcasting the potential rise and fall of cyber threat intelligence
Backcasting is an analytical technique that establishes an imagined future scenario and then works backwards to understand what caused that outcome. At VB2020, FireEye ‘s Jamie Collier presented a paper in which he applied the technique to imagine the rise and fall of the cyber threat intelligence (CTI) industry over the next 10 years. Not…
-
VB2020 presentation: Behind the Black Mirror: simulating attacks with mock C2 servers
Dynamic analysis of a malicious sample in a lab setup can be hampered by the absence of the malware’s C2 server listening and providing responses – potentially resulting in only a partial picture of the sample’s behaviour and capabilities being revealed. At VB2020 localhost, Carbon Black ‘s Scott Knight presented an approach he and his colleagues…
-
VB2020 presentation & paper: Advanced Pasta Threat: mapping threat actor usage of open-source offensive security tools
The development and publication of offensive security tools (OSTs) is a point of great controversy in the information security community: while some argue that releasing such tools publicly is irresponsible, offering adversaries the opportunity to outsource the development of tools and techniques, the opposing argument supports the publication of such tools as a valuable resource…
-
VB2020 presentation: Evolution of Excel 4.0 macro weaponization
The use by attackers of legitimate Excel 4.0 (XL4) macros as a simple and reliable method to gain a foothold on a target network is becoming increasingly popular and presents a significant challenge for organizations and defenders alike. For many organizations blacklisting isn’t a viable solution, and for defenders, building reliable signatures for this type…
-
VB2020 presentation: Another threat actor day…
Hospitals can be attractive places for hackers. With access to critical medical records and personally identifiable information, there is great opportunity to exploit patients. At VB2020 localhost Paul Jung, of Excellium Services , detailed an incident response that he and his team faced when, in December 2019, a Belgian hospital required their help to manage…
-
VB2020 presentation: Ramsay: a cyber-espionage toolkit tailored for air-gapped networks
Air gapping is a network security measure commonly used in military/governmental, financial and industrial control systems networks that is applied to one or more computers in order to ensure that a given network is physically isolated – usually in order to prevent exposure of the subject network to the Internet or the local area network. In…
-
VB2020 TIPS presentation: Business Email Compromise – Scalable Attribution Powering Industry and Law Enforcement Collaboration
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners’ Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing. Business Email Compromise (BEC) is now the most…
-
VB2020 TIPS presentation: Collaborating with Competitors: A Better Strategy to Beat Adversaries
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners’ Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing. Threat intelligence sharing has steadily been improving over…
-
VB2020 TIPS presentation: Intelligence Sharing for Supply Chain Security
As part of VB2020 localhost we were proud to co-host the Threat Intelligence Practitioners’ Summit (TIPS), put together by the Cyber Threat Alliance. In a series of blog posts we highlight some of the talks presented in the Summit and the important contribution of threat intelligence sharing. As globalisation continues apace, supply chains have become…