Presented at
Still Hacking Anyway (SHA2017),
Aug. 4, 2017, 9:10 p.m.
(60 minutes)
We all are aware of the malware attacks and bot-net's behind this massive illegal industry which drains out pockets and even take our lives. This criminal organisations have own rules and own secrets that they don't want us to reveal. They like to infect hack and control the victims without get caught by law enforcements. We all know that end-point security is not enough for the zero day malware attacks so my research was always focused on their command and control centres. We will never win the malware war if we don't reveal their dirty job from inside, having this aim i managed to revel more than 10 unique C&C server dirty secrets in past years. This research articles are published in various cybersecurity magazines in Europe and Asia.
#NetworkSecurity
We all are aware of the malware attacks and bot-net's behind this massive illegal industry which drains out pockets and even take our lives. This criminal organisations have own rules and own secrets that they don't want us to reveal. They like to infect hack and control the victims without get caught by law enforcements. We all know that end-point security is not enough for the zero day malware attacks so my research was always focused on their command and control centres. We will never win the malware war if we don't reveal their dirty job from inside, having this aim i managed to revel more than 10 unique C&C server dirty secrets in past years. This research articles are published in various cybersecurity magazines in Europe and Asia.
Outline
Provide a detailed outline of the topics you plan to cover. It is critical to show the logical progression of your presentation.
At this presentation i will reveal the famous bot-net’s from inside to outside, with all the original source code, files and logic behind those criminals. By revealing this C&C servers we will see and learn how serious they take this illegals business and we will have a chance to peak inside the Cryptolocker C&C server and unique full autopilot C&C server for bank fraud as other unique C&C servers listed below.
This is the list of the bot-net’s i covered in this presentation.
• Revealing Unique MitB Builder C&C Server
• NAS Botnet Revealed
• Inside Cryptolocker C&C server
• Are 2 factor authentications enough to protect your money?
• Kins origin malware acting like a Real E-banking web app
• Infostealer Botnet Reveal
• State of ART Phishing Attack stealing 50K Credit Cards Reveal
• One shot eight banks
• Target List of Hesper-BOT Malware
Take Aways
What do you hope attendees will gain from the presentation?
I am also going to reveal the "patched" zero-day RCE vulnerability for the Vodafone-Netherlands "DrayTek Vigor2132FVn"
After this presentation the tenders will gain knowledge and information about this bot-net’s by unlocking and understanding their logic and attack methods.
We going to peak inside this famous Bot-nets and their original files, we will see their attack logic and architecture design. We will share and exchange our past experience with real case scenarios.
Cheers,
Presenters:
-
Senad Aruc
Seasoned cyber security professional with more than 10-years experience in: Incident management, SOC and MSSP experience, IT Security, IDS & IPS, SIEM, Network and Digital Forensics, Malware Analyses, ISMS-RISK management, Ethical Hacking, Vulnerability Management, Anti Fraud & Phishing, Drop zone and Bot-Net interception. Skills include written & verbal communications in 6 different languages. Taking leadership role with focus on technical design, support & troubleshooting of networking & security solutions.
Specialties, Experience and certified in SANS SEC511- Continuous Monitoring & Security Operations, Splunk Power Users Traning,Incident Response - Black Hat Edition, Mandiant Redline Training– Mandiant, SA Security Analytics Platform, SIEM(Security Incident Event Management), IDS(Intrusion Detection System), IPS(Intrusion Prevention System), CEH - Ethical Hacking and Countermeasures (CEHv7), ISMS - MASTER (PECB), Certified Risk Manager iso27005 (RABQSA) Veridion, Lead Implementer iso27001 (PECB), Lead Auditor iso27001 (PECB), ISO 17799 and ISO 9001(Certificate)
Links:
Similar Presentations: