Threat hunting: Using MITRE ATT&CK against Carbanak malware

Presented at BSidesSF 2022 Rescheduled, June 5, 2022, 11:10 a.m. (50 minutes)

This talk demonstrates the MITRE ATT&CK Framework in action for threat hunting with the example of 'Carbanak' backdoor which was designed specifically for banking applications.

Presenters:

• Amol Sarwate - Fidelis Cybersecurity
  Amol Sarwate heads Fidelis and CloudPassage worldwide threat and security research lab responsible for Network, Endpoint and Cloud. He has devoted his career to protecting, securing, and educating the community from security threats. Sarwate has presented his research on cloud security, vulnerability trends, malware, security axioms, SCADA security, exploit kits, IoT at numerous security conferences. He holds multiple US patents in security posture assessment and threat detection. He has contributed to SANS TOP 20, Verizon data breach reports, SANS @ RISK newsletters, and is a former OVAL board member.

Links:

• https://bsidessf2022.sched.com/event/rjrF/threat-hunting-using-mitre-attck-against-carbanak-malware

Similar Presentations:

• CHCon '20 (2020) / ATT&CK'ing it wrong - how to use ATT&CK effectively at an NZ scale
• BSidesDC 2019 / Keeping CTI on Track: An Easier Way to Map to MITRE ATT&CK
• Black Hat USA 2019 / MITRE ATT&CK: The Play at Home Edition