Isolating the Ghost in the Machine: Unveiling Post Exploitation Threats (RSA Conference 2017)
During the past year IR teams and security researchers around the world witnessed a rise in the use of legitimate tools and common scripts in malware and APT attacks. This talk will explore the presenters’ research that focused on automating the analysis of PowerShell and Macro/VBA/VBS attacks by building a heuristic-based compiler engine that determines whether a script is malicious or not.
Detailed Presentation:
(Source: RSA USA 2017)
Speakers:
Uri Fleyder-Kotler, Rotem Salinas
Uri Fleyder is a veteran Security Researcher, currently managing the Advanced Threats Research Lab within RSA research group. Fleyder has a vast amount of experience in researching advanced threats, monitoring the cybercrime ecosystem and identifying emerging trends in the fascinating and dynamic world of threat research and intelligence.
Rotem Salinas specializes in Research Driven Development acting as a part of the RSA Research Group. His work focuses on Reverse Engineering Malware targeting various platforms such as Windows, Linux and Mobile and discovering their methods of operations for further research. Salinas has been working in RSA for over 4 years and spends most of his time on malware research and coding in Python, C++, C#, JS and other languages.
Discover & Compare 1000+ Cyber Security Products (It's Free!)
FireCompass is an AI Assistant for Cyber Security Decision Making. Discover & Compare 1,000+ Cyber Security Products. Grab your FREE Account Now (For a Limited Time ONLY).
Comments