Isolating the Ghost in the Machine: Unveiling Post Exploitation Threats

Isolating the Ghost in the Machine: Unveiling Post Exploitation Threats (RSA Conference 2017)

During the past year IR teams and security researchers around the world witnessed a rise in the use of legitimate tools and common scripts in malware and APT attacks. This talk will explore the presenters’ research that focused on automating the analysis of PowerShell and Macro/VBA/VBS attacks by building a heuristic-based compiler engine that determines whether a script is malicious or not.

Detailed Presentation:

(Source: RSA USA 2017)

Speakers:

Uri Fleyder-Kotler, Rotem Salinas

Uri Fleyder is a veteran Security Researcher, currently managing the Advanced Threats Research Lab within RSA research group. Fleyder has a vast amount of experience in researching advanced threats, monitoring the cybercrime ecosystem and identifying emerging trends in the fascinating and dynamic world of threat research and intelligence.

Rotem Salinas specializes in Research Driven Development acting as a part of the RSA Research Group. His work focuses on Reverse Engineering Malware targeting various platforms such as Windows, Linux and Mobile and discovering their methods of operations for further research. Salinas has been working in RSA for over 4 years and spends most of his time on malware research and coding in Python, C++, C#, JS and other languages.

Discover & Compare 1000+ Cyber Security Products (It's Free!)

FireCompass is an AI Assistant for Cyber Security Decision Making. Discover & Compare 1,000+ Cyber Security Products. Grab your FREE Account Now (For a Limited Time ONLY).

>>Click Here To Sign Up For FREE

Views: 107

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

Forum

Security Trends and Emerging Technologies That A CISO Should Adopt In 2021

Started by Priyanka Aash Mar 3. 0 Replies

What are the challenges you as a CISO have been facing since the last year and share some security trends that are catching up? Help the community by sharing your knowledge and personal views on this subject. Or if you have any specific questions…Continue

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */