Tales of an InfoStealer
[2014-10-10 Fri 19:05]
speaker: Vicky Khan, Palo Alto Networks
event: Friday Hacks, NUS Hackers

** Cyber kill chain
- reconnaissance
- weaponize
- deliver
  most APT attacks are sent via email
- exploit
- install
- command and control
- act on objectives

** static analysis
analyze the binary, what API calls it makes

** dynamic analysis
learn the behavior of the malware
extracting indicators of compromise
- DNS queries
- network traffic

** cybercriminals make mistakes too
- exploit their C&C server
- trace the source of the email

** security platform
- intelligence sharing
- firewall
- endpoint security