Isolating the Ghost in the Machine: Unveiling Post Exploitation Threats (RSA Conference 2017)

During the past year IR teams and security researchers around the world witnessed a rise in the use of legitimate tools and common scripts in malware and APT attacks. This talk will explore the presenters’ research that focused on automating the analysis of PowerShell and Macro/VBA/VBS attacks by building a heuristic-based compiler engine that determines whether a script is malicious or not.

Detailed Presentation:

(Source: RSA USA 2017)

Speakers:

Uri Fleyder-Kotler, Rotem Salinas

Uri Fleyder is a veteran Security Researcher, currently managing the Advanced Threats Research Lab within RSA research group. Fleyder has a vast amount of experience in researching advanced threats, monitoring the cybercrime ecosystem and identifying emerging trends in the fascinating and dynamic world of threat research and intelligence.

Rotem Salinas specializes in Research Driven Development acting as a part of the RSA Research Group. His work focuses on Reverse Engineering Malware targeting various platforms such as Windows, Linux and Mobile and discovering their methods of operations for further research. Salinas has been working in RSA for over 4 years and spends most of his time on malware research and coding in Python, C++, C#, JS and other languages.

8669813498?profile=original

Discover & Compare 1000+ Cyber Security Products (It's Free!)

FireCompass is an AI Assistant for Cyber Security Decision Making. Discover & Compare 1,000+ Cyber Security Products. Grab your FREE Account Now (For a Limited Time ONLY).

>>Click Here To Sign Up For FREE

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)