Botconf 2023 Wrap-Up Day #3

It’s already the third and last day… Always a strange atmosphere after the gala dinner, and people are always joining late. It’s also challenging to be the first speakers! Ronan Mouchoux and François Moerman presented «From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association

[SANS ISC] A Backdoor with Smart Screenshot Capability

I published the following diary on “A Backdoor with Smart Screenshot Capability”: Today, everything is “smart” or “intelligent”. We have smartphones, smart cars, smart doorbells, etc. Being “smart” means performing actions depending on the context, the environment, or user actions. For a while, backdoors and trojans have implemented screenshot

[SANS ISC] Do you collect “Observables” or “IOCs”?

I published the following diary on “Do you collect “Observables” or “IOCs”?”: Indicators of Compromise, or IOCs, are key elements in blue team activities. IOCs are mainly small pieces of technical information that have been collected during investigations, threat hunting activities or malware analysis. About the last example, the malware analyst’s goal

[SANS ISC] Malicious Python Script Behaving Like a Rubber Ducky

I published the following diary on “Malicious Python Script Behaving Like a Rubber Ducky”: Last week, it was SANSFIRE in Washington where I presented a SANS@Night talk about malicious Python scripts in Windows environments. I’m still looking for more fresh meat and, yesterday, I found another interesting one. Do you
