Top talks on Malware from DEF CON 26

Our editorial team has handpicked the best of the best talks at DEF CON 26. DEF CON is one of the world's largest hacker conventions, held annually in Las Vegas, Nevada. The following is the list of top talks on malware security at DEF CON 26.

DEF CON 2018, the 26th DEF CON hacking conference, is one of the main events on computer, information technology, cyber security, software and hacking topics.

(Source: DEF CON 26)


1. Looking for Perfect Signature: An Automatic YARA Rules Generation Algorithm in the AI-era


Andrea Marcelli, PhD Student @ Politecnico di Torino and Security Researcher

In this talk I will present YaYaGen (Yet Another YARA Rule Generator), a tool to automatically generate Android malware signatures. Performance has been evaluated on a massive dataset of millions of applications available in the Koodous project, showing that in a few minutes the algorithm can generate a precise ruleset able to catch 0-day malware, better than human-generated ones.





Alexandre Borges

The purpose of this presentation is to show clearly, and without too many details that often hinder understanding, how these threats act, which components are attacked, what techniques are used by these advanced malware to subvert the system and how existing protections work.



3. Finding Xori: Malware Analysis Triage with Automated Disassembly


  • Amanda Rousseau, Senior Malware Researcher at Endgame Inc.
  • Rich Seymour, Senior Data Scientist at Endgame Inc.

In this talk, we will go over the pain-points of conventional open source disassemblers that Xori solves, examples of identifying suspicious functionality, and some of the interesting things we've done with the library. We invite everyone in the community to use it, help contribute and make it an increasingly valuable tool for researchers alike.



4. Your Peripheral Has Planted Malware—An Exploit of NXP SOCs Vulnerability


  • Thanh Bui, Security Researcher, Aalto University, Finland
  • Siddharth Rao, Security Researcher, Aalto University, Finland

In this talk, we will share the ARM Cortex M SOC vulnerability that we discovered, and it will be in two parts:

  • The first is the security measure built within the SOC and how we break it. We could gain control of changing the SOC unique ID and write the firmware or even turn the device into a trojan or bot.
  • The second is the security measure built around the SOC and how we break the Secure Boot elements and write into the firmware.
