SlideShare ist ein Scribd-Unternehmen logo

Malware Most Wanted: Evil Bunny

Als PPTX, PDF herunterladen
C
Cyphort

Cyphort Labs has come across a sophisticated malware sample, dubbed Evil Bunny, which tricks sandboxes and shows rather uncommon deception traits to evade detection. Marion Marschalek, Security Researcher of Cyphort Labs, will dissect this evil, yet fascinating, malware called EvilBunny Malware Dropper. We will examine how it attempts to evade detection from AV and sandboxing, how it drops the payload, and how it persists and deletes itself.

Technologie
1 von 37
EvilBunny Malware Marion Marschalek Security Researcher at Cyphort Labs
Your speakers today Marion Marschalek Security Researcher Cyphort Labs Shelendra Sharma Product Marketing Director
Agenda o Modern Threat Landscape o Wrap-up and Q&A CyphortLabsT-shirt
Threat Monitoring & Research team ________ 24X7 monitoring for malware events ________ Assist customers with their Forensics and Incident Response We enhance malware detection accuracy ________ False positives/negatives ________ Deep-dive research We work with the security ecosystem ________ Contribute to and learn from malware KB ________ Best of 3rd Party threat data
The Modern Threat Landscape
http://www.mirror.co.uk/ OFFENDERS
http://www.moviepilot.com DEFENDERS
http://www.screenrant.com/ SOPHISTICATED WEAPONRY
http://www.fanpop.com/ SOPHISTICATED WEAPONRY WITH SUPERPOWERS
o You don‘t see your adversary o You don‘t know whose death star it is there on your machine o You probably won‘t even find the death star on your machine http://glee.wikia.com
o Intellectual property being stolen o Political opponents put to jail o Internet communication being blocked o Vendor finding a new exploit o Same time, hacker writes 5 more o Control of media o Enterprises loosing customer data o Nation states spying on their citizens o Nation states being hacked o Little paul loosing his homework
Bunny Offenders
SAMPLE #1 o Filesize:192512 o CompileTime: 2010:05:06 o C&C: callientefever.info o HTTP Accept-Language: fr
TFC o Dynamic API loading by name hash
TFC o PING o EXEC o HTTPF o ASPFLOOD o TCPFLOOD o WEBFLOOD o POSTFLOOD ATCLEAR STATISTICS KILL SET UPLOAD UPDATE PLUGIN FLOODING EVERYTHING
TFC command and control
SAMPLES #[2-4] o FileSize: 184320 o CodeSize: 139264 o CompileTime: 2010:02:16 18:05:54+01:00 o FileSize: 184320 o CodeSize: 139264 o CompileTime: 2010:03:11 17:55:03+01:00 o FileSize: 792064 o CodeSize: 583680 o CompileTime: 2011:10:25 20:28:39+01:00
EvilBunny o FileSize: 792064 o CompileTime: 2011:10:25 20:28:39+01:00 o API name hashing key AB34CD77h o http://1.9.32.11/bunny/test.php?rec=nvista o Anti-Analysis | Threads & Files | CPU Data | C&C Commands | LUA
Not funny.
SRSLY?
Evil Bunny AV Product Enumeration Firewall Product Enumeration Sandbox Check "klavme", "myapp", "TESTAPP", "afyjevmv.exe“, Timing Condition SELECT * FROM ANTIVIRUSPRODUCT SELECT * FROM FIREWALLPRODUCT
Big Boss Worker2 Worker1 Worker0 Worker3 MainThread PerfMon CommandParsing ScriptExecution Manage Worker Threads FileMan/Inet EvilBunny
LUA Thread Cmd Parsing Execute Command Start LUA Thread Advanced Command and Script Parsing Lua magic
Advanced Command and Script Parsing Lua magic o 4 worker threads o Executing Lua scripts o Lua 5.1 + C/Invoke code o Callback from LUA to C++
C&c servers o Config stored in HKLMSoftwareMicrosoftIpsec o http://le-progres.net/images/php/test.php?rec=11206-01 o http://ghatreh.com/skins/php/test.php?rec=11206-01 o http://www.usthb-dz.org/includes/php/test.php?rec=11206-01
Location Remote Host Port Number Oakville, Canada 69.90.160.65 80 Montréal, Canada 70.38.107.13 80 Montréal, Canada 70.38.12.10 80 http://www.threatexpert.com/report.aspx?md5=c40e3ee23cf95d992b7cd0b7c01b8599 C&c servers
GETCONFIG FTPPUT FTPGET SENDFILE GETFILE UNINSTALL RESTARTHEARER RESTART CLEANHEARER COMMANDS CRONTASKA CRONTASKR CRONTASKL MAXPOSTDAT SETURL STOP SETCPULIMIT TIMEOUT WAITFOR UPDATEDIETIME
Infection Vector http://blog.9bplus.com/analyzing-cve-2011-4369-part-one/
CVE-2011-4369 o Adobe Reader vulnerability o Discovered December 2011 o Original release date: Dec. 16, 2011 o Documented Bunny infection: Dec. 20, 2011
WRAPPING UP THE RABBIT
TRAITS OF SOPHISTICATED MALWARE o Tricking of security solutions o Showing uncommon features o Vast resources being used in development and spreading o Advanced stealth mechanisms
BUNNY ORIGINS o Project named bunny, version 2.3.2 o DDoS botnet operators o Accept-Language: fr o C&C Servers hosted in Canada o C&C domains resemble French/Iranian websites o Related to recently revealed Babar malware
THE HIDDEN LINK o Shared code o Proxy bypass o Anti-virus enumeration o Similar API obfuscation o Same level of complexity o Middle-eastern domain names
Q&A
Thank You!
Malware Most Wanted: Evil Bunny

Empfohlen

Mmw mac malware-mac
Mmw mac malware-macMmw mac malware-mac
Mmw mac malware-mac
Cyphort
 
Malware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemMalware Most Wanted: Security Ecosystem
Malware Most Wanted: Security Ecosystem
Cyphort
 
Malware self protection-matrix
Malware self protection-matrixMalware self protection-matrix
Malware self protection-matrix
Cyphort
 
EverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in CybersecurityEverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in Cybersecurity
Cyphort
 
Malware's Most Wanted: The Many Faces of Malware
Malware's Most Wanted: The Many Faces of MalwareMalware's Most Wanted: The Many Faces of Malware
Malware's Most Wanted: The Many Faces of Malware
Cyphort
 
Malware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things MalwareMalware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things Malware
Cyphort
 
Malware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansMalware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial Trojans
Cyphort
 
Understanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value AttacksUnderstanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value Attacks
Cyphort
 

Empfohlen

Mmw mac malware-mac
Mmw mac malware-macMmw mac malware-mac
Mmw mac malware-mac
Cyphort
 
Malware Most Wanted: Security Ecosystem
Malware Most Wanted: Security EcosystemMalware Most Wanted: Security Ecosystem
Malware Most Wanted: Security Ecosystem
Cyphort
 
Malware self protection-matrix
Malware self protection-matrixMalware self protection-matrix
Malware self protection-matrix
Cyphort
 
EverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in CybersecurityEverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in Cybersecurity
Cyphort
 
Malware's Most Wanted: The Many Faces of Malware
Malware's Most Wanted: The Many Faces of MalwareMalware's Most Wanted: The Many Faces of Malware
Malware's Most Wanted: The Many Faces of Malware
Cyphort
 
Malware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things MalwareMalware's Most Wanted: Linux and Internet of Things Malware
Malware's Most Wanted: Linux and Internet of Things Malware
Cyphort
 
Malware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial TrojansMalware's Most Wanted: Financial Trojans
Malware's Most Wanted: Financial Trojans
Cyphort
 
Understanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value AttacksUnderstanding Malware Lateral Spread Used in High Value Attacks
Understanding Malware Lateral Spread Used in High Value Attacks
Cyphort
 
Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
Cyphort
 
MMW Anti-Sandbox Techniques
MMW Anti-Sandbox TechniquesMMW Anti-Sandbox Techniques
MMW Anti-Sandbox Techniques
Cyphort
 
Most notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsMost notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictions
Cyphort
 
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOLMalware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Cyphort
 
Dissecting Cryptowall
Dissecting CryptowallDissecting Cryptowall
Dissecting Cryptowall
Cyphort
 
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Cyphort
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
Cyphort
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion Techniques
Thomas Roccia
 
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
HackIT Ukraine
 
MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler
Marci Bontadelli
 
42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond
Thomas Roccia
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
Kaspersky
 
Wannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons LearnedWannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons Learned
Thomas Roccia
 
Security by Weston Hecker
Security by Weston HeckerSecurity by Weston Hecker
Security by Weston Hecker
EC-Council
 
CoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVCoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLV
Thomas Roccia
 
Malware's Most Wanted: How to tell BADware from adware
Malware's Most Wanted: How to tell BADware from adwareMalware's Most Wanted: How to tell BADware from adware
Malware's Most Wanted: How to tell BADware from adware
Cyphort
 
Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
Digging deeper into the IE vulnerability CVE-2014-1776 with CyphortDigging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
Cyphort
 
Break IT Down by Josh Smith
Break IT Down by Josh SmithBreak IT Down by Josh Smith
Break IT Down by Josh Smith
EC-Council
 
How To Defeat Advanced Malware. New Tools for Protection and Forensics
How To Defeat Advanced Malware. New Tools for Protection and ForensicsHow To Defeat Advanced Malware. New Tools for Protection and Forensics
How To Defeat Advanced Malware. New Tools for Protection and Forensics
London School of Cyber Security
 
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware TrojanMalware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Cyphort
 
The Panama Papers Hack
The Panama Papers HackThe Panama Papers Hack
The Panama Papers Hack
London School of Cyber Security
 
Infographic Protecting Patient Data
Infographic Protecting Patient Data Infographic Protecting Patient Data
Infographic Protecting Patient Data
Fortinet
 

Weitere ähnliche Inhalte

Was ist angesagt?

Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOLMalware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Cyphort
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
Cyphort
 
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
HackIT Ukraine
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
Kaspersky
 
Security by Weston Hecker
Security by Weston HeckerSecurity by Weston Hecker
Security by Weston Hecker
EC-Council
 

Was ist angesagt? (18)

Cybersecurity 5 road_blocks
Cybersecurity 5 road_blocksCybersecurity 5 road_blocks
Cybersecurity 5 road_blocks
 
MMW Anti-Sandbox Techniques
MMW Anti-Sandbox TechniquesMMW Anti-Sandbox Techniques
MMW Anti-Sandbox Techniques
 
Most notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictionsMost notable apt_ attacks_of_2015_and_2016 predictions
Most notable apt_ attacks_of_2015_and_2016 predictions
 
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOLMalware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
Malware's Most Wanted: Malvertising Attacks on Huffingtonpost, Yahoo, AOL
 
Dissecting Cryptowall
Dissecting CryptowallDissecting Cryptowall
Dissecting Cryptowall
 
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
Sony Attack by Destover Malware. Part of Cyphort Malware Most Wanted Series.
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion Techniques
 
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
Ник Белогорский - Будни Кремниевой Долины. История карьеры Ника, борьба с хак...
 
MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler
 
42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond42 - Malware - Understand the Threat and How to Respond
42 - Malware - Understand the Threat and How to Respond
 
What you need to know about ExPetr ransomware
What you need to know about ExPetr ransomwareWhat you need to know about ExPetr ransomware
What you need to know about ExPetr ransomware
 
Wannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons LearnedWannacry | Technical Insight and Lessons Learned
Wannacry | Technical Insight and Lessons Learned
 
Security by Weston Hecker
Security by Weston HeckerSecurity by Weston Hecker
Security by Weston Hecker
 
CoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLVCoinMiners are Evasive - BsidesTLV
CoinMiners are Evasive - BsidesTLV
 
Malware's Most Wanted: How to tell BADware from adware
Malware's Most Wanted: How to tell BADware from adwareMalware's Most Wanted: How to tell BADware from adware
Malware's Most Wanted: How to tell BADware from adware
 
Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
Digging deeper into the IE vulnerability CVE-2014-1776 with CyphortDigging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
Digging deeper into the IE vulnerability CVE-2014-1776 with Cyphort
 
Break IT Down by Josh Smith
Break IT Down by Josh SmithBreak IT Down by Josh Smith
Break IT Down by Josh Smith
 

Andere mochten auch

The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
The RMF: New Emphasis on the Risk Management Framework for Government Organiz...The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
Tripwire
 

Andere mochten auch (10)

How To Defeat Advanced Malware. New Tools for Protection and Forensics
How To Defeat Advanced Malware. New Tools for Protection and ForensicsHow To Defeat Advanced Malware. New Tools for Protection and Forensics
How To Defeat Advanced Malware. New Tools for Protection and Forensics
 
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware TrojanMalware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
 
The Panama Papers Hack
The Panama Papers HackThe Panama Papers Hack
The Panama Papers Hack
 
Infographic Protecting Patient Data
Infographic Protecting Patient Data Infographic Protecting Patient Data
Infographic Protecting Patient Data
 
FireEye Engineering
FireEye Engineering FireEye Engineering
FireEye Engineering
 
tripwire
tripwiretripwire
tripwire
 
MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler MMW June 2016: The Rise and Fall of Angler
MMW June 2016: The Rise and Fall of Angler
 
The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
The RMF: New Emphasis on the Risk Management Framework for Government Organiz...The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
The RMF: New Emphasis on the Risk Management Framework for Government Organiz...
 
Asia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand StillAsia Pacific & The Security Gap: Don't Stand Still
Asia Pacific & The Security Gap: Don't Stand Still
 
FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not FireEye - Breaches are inevitable, but the outcome is not
FireEye - Breaches are inevitable, but the outcome is not
 

Ähnlich wie Malware Most Wanted: Evil Bunny

Central Ohio InfoSec Summit: Why Script Kiddies Succeed
Central Ohio InfoSec Summit: Why Script Kiddies SucceedCentral Ohio InfoSec Summit: Why Script Kiddies Succeed
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
ThreatReel Podcast
 
Automotive Cybersecurity: Test Like a Hacker
Automotive Cybersecurity: Test Like a HackerAutomotive Cybersecurity: Test Like a Hacker
Automotive Cybersecurity: Test Like a Hacker
ForAllSecure
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Phil Agcaoili
 
Reversing & malware analysis training part 10 exploit development basics
Reversing & malware analysis training part 10 exploit development basicsReversing & malware analysis training part 10 exploit development basics
Reversing & malware analysis training part 10 exploit development basics
Abdulrahman Bassam
 

Ähnlich wie Malware Most Wanted: Evil Bunny (20)

Malware's most wanted-zberp-the_financial_trojan
Malware's most wanted-zberp-the_financial_trojanMalware's most wanted-zberp-the_financial_trojan
Malware's most wanted-zberp-the_financial_trojan
 
Malware 101 by saurabh chaudhary
Malware 101 by saurabh chaudharyMalware 101 by saurabh chaudhary
Malware 101 by saurabh chaudhary
 
OSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ InfosectrainOSCP Preparation Guide @ Infosectrain
OSCP Preparation Guide @ Infosectrain
 
AppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security AgileAppSec California 2016 - Making Security Agile
AppSec California 2016 - Making Security Agile
 
Mmw anti sandbox_techniques
Mmw anti sandbox_techniquesMmw anti sandbox_techniques
Mmw anti sandbox_techniques
 
Mmw anti sandboxtricks
Mmw anti sandboxtricksMmw anti sandboxtricks
Mmw anti sandboxtricks
 
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
Central Ohio InfoSec Summit: Why Script Kiddies SucceedCentral Ohio InfoSec Summit: Why Script Kiddies Succeed
Central Ohio InfoSec Summit: Why Script Kiddies Succeed
 
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware AnalysisInside the Matrix,How to Build Transparent Sandbox for Malware Analysis
Inside the Matrix,How to Build Transparent Sandbox for Malware Analysis
 
Reversing & malware analysis training part 1 lab setup guide
Reversing & malware analysis training part 1 lab setup guideReversing & malware analysis training part 1 lab setup guide
Reversing & malware analysis training part 1 lab setup guide
 
Bug Bounty 101
Bug Bounty 101Bug Bounty 101
Bug Bounty 101
 
TENTACLE: Environment-Sensitive Malware Palpation(PacSec 2014)
TENTACLE: Environment-Sensitive Malware Palpation(PacSec 2014)TENTACLE: Environment-Sensitive Malware Palpation(PacSec 2014)
TENTACLE: Environment-Sensitive Malware Palpation(PacSec 2014)
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
 
Automotive Cybersecurity: Test Like a Hacker
Automotive Cybersecurity: Test Like a HackerAutomotive Cybersecurity: Test Like a Hacker
Automotive Cybersecurity: Test Like a Hacker
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...Good Security Starts with Software Assurance - Software Assurance Market Plac...
Good Security Starts with Software Assurance - Software Assurance Market Plac...
 
Reversing & malware analysis training part 10 exploit development basics
Reversing & malware analysis training part 10 exploit development basicsReversing & malware analysis training part 10 exploit development basics
Reversing & malware analysis training part 10 exploit development basics
 
Ceh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networksCeh v8 labs module 03 scanning networks
Ceh v8 labs module 03 scanning networks
 
Security Testing
Security TestingSecurity Testing
Security Testing
 
SmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_ExploitationSmartphoneHacking_Android_Exploitation
SmartphoneHacking_Android_Exploitation
 
Metasploit Computer security testing tool
Metasploit Computer security testing toolMetasploit Computer security testing tool
Metasploit Computer security testing tool
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber Criminals
 

Mehr von Cyphort

Mehr von Cyphort (8)

Machine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wantedMachine learning cyphort_malware_most_wanted
Machine learning cyphort_malware_most_wanted
 
Cyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_riseCyber espionage nation state-apt_attacks_on_the_rise
Cyber espionage nation state-apt_attacks_on_the_rise
 
If you have three wishes
If you have three wishesIf you have three wishes
If you have three wishes
 
The A and the P of the T
The A and the P of the TThe A and the P of the T
The A and the P of the T
 
Zeus Dissected
Zeus DissectedZeus Dissected
Zeus Dissected
 
ISC2014 Beijing Keynote
ISC2014 Beijing KeynoteISC2014 Beijing Keynote
ISC2014 Beijing Keynote
 
Malware's Most Wanted (MMW): Backoff POS Malware
Malware's Most Wanted (MMW): Backoff POS Malware Malware's Most Wanted (MMW): Backoff POS Malware
Malware's Most Wanted (MMW): Backoff POS Malware
 
Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...
Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...
Malware’s Most Wanted: NightHunter. A Massive Campaign to Steal Credentials R...
 

Kürzlich hochgeladen

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 

Kürzlich hochgeladen (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

Malware Most Wanted: Evil Bunny

Hinweis der Redaktion

  1. About Cyphort Labs