Infiltrate Security Conference OPEN CFP

TALK PROFILE
This CFP closes in 2 days

Malware​ ​ tradecrafts​ ​ and nasty​ ​ secrets​ ​ of​ ​ evading​ ​ to escalating

Implant methodology
45

This​ ​ talk​ ​ will​ ​ provide​ ​ insights​ ​ into​ ​ different​ ​ techniques​ ​ uncovered​ ​ by​ ​ a ​ ​ study​ ​ of​ ​ more​ ​ than​ ​ 300 unique​ ​ malware​ ​ samples​ ​ and​ ​ what​ ​ experience​ ​ taught​ ​ me​ ​ over​ ​ the​ ​ past​ ​ years.​ ​ The​ ​ presentation will​ ​ specifically​ ​ focus​ ​ on​ ​ providing​ ​ an​ ​ in-depth​ ​ view​ ​ of​ ​ complex​ ​ payloads​ ​ and​ ​ mechanism​ ​ used for​ ​ infecting​ ​ a ​ ​ system,​ ​ communicating​ ​ with​ ​ C&C,​ ​ escalating​ ​ privilege,​ ​ evading​ ​ Antivirus/Firewalls, network​ ​ policies,​ ​ crossing​ ​ the​ ​ OS​ ​ boundary​ ​ and​ ​ writing​ ​ cross-platform​ ​ malware.​ ​ Brief​ ​ about running​ ​ parallel​ ​ communication​ ​ channels​ ​ like​ ​ DNS,​ ​ ICMP,​ ​ TCP,​ ​ HTTP,​ ​ WSockets​ ​ etc, self-persistence,​ ​ self-autorun,​ ​ exploring​ ​ beyond​ ​ reverse​ ​ shells​ ​ and​ ​ importance​ ​ of​ ​ digital signatures​ ​ and​ ​ encrypted​ ​ communication.​ ​ Small​ ​ introduction​ ​ into​ ​ using​ ​ bypassing​ ​ behavior monitoring​ ​ tools​ ​ and​ ​ using​ ​ steganography​ ​ to​ ​ hide​ ​ payloads​ ​ in​ ​ plain​ ​ sight,​ ​ eliminating​ ​ runtime dependencies​ ​ like​ ​ .net,​ ​ powershell,​ ​ libcurl,​ ​ libssl​ ​ etc.​ ​ and​ ​ complete​ ​ in-memory​ ​ execution. Combining​ ​ social​ ​ engineering​ ​ & ​ ​ technology​ ​ to​ ​ overcome​ ​ technical​ ​ challenges​ ​ faced​ ​ and​ ​ still staying​ ​ under​ ​ the​ ​ radar​ ​ will​ ​ be​ ​ the​ ​ center​ ​ of​ ​ interest​ ​ for​ ​ this​ ​ talk.

Back to Open CFP
Rated 3 - 29 reviewers

Comments

Interested in Speaking?

We are pleased to announce the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused-fresh-content presentation, please submit an abstract, Bio and headshot to cfp@immunityinc.com. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. Call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.

Some of the benefits of speaking at INFILTRATE are:

  • A trip to Miami Beach during the non-gates-of-hell hot season
  • A stay at one of the premier luxury resorts in the area
  • A no-bullshit environment where you don't have to be apologetic about
  • Ability to participate in the 1st ever profit sharing conference