Schoolbell and the Kingslayer

Kent Backman

In this report, Mr. Backman will describe the investigation by RSA researchers into the threat actor infrastructure behind a global espionage-related network of thousands of infected servers, dubbed “Schoolbell.” In the course of the Schoolbell investigation, RSA uncovers “Kingslayer”, a


IOCs are Dead – Long Live IOCs!

Ryan Kazanciyan

Indicators of Compromise (IOCs) were meant to solve the failures of signature-based detection tools. Yet today’s array of IOC standards, feeds, and products has hardly impeded attackers, and most intelligence remains shared in flat lists of hashes, IP addresses, domain names, or strings. Just as brittle as an anti-virus


Cyberdyne: Automatic bug-finding at scale

Peter Goodman

Creating a scalable, distributed bug-finding system that is more than just the sum of its parts is challenging. Finding bugs that occur deep within a program’s execution requires the application of multiple bug-finding approaches (e.g. fuzzing, symbolic execution, static analysis). This talk will describe the practical


CodexGigas Malware DNA Profiling Search Engine

Luciano Martins and Rodrigo Cetera

Similar to human fingerprints, every piece of malware has its own unique digital fingerprint information that differentiates it from others. As a result, malware will always attempt to hide its true self by deleting or changing this information to avoid detection by antivirus companies and malware researchers.
