LABScon Replay | Quiver – Using Cutting Edge ML to Detect Interesting Command Lines for Hunters
Gal Braun and Dean Langsam explore how LLMs can be trained to parse command lines and perform tasks like attribution and detection.
Read More
LABScon Replay | Star-Gazing: Using a Full Galaxy of YARA Methods to Pursue an Apex Actor
Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.
Read More
LABScon Replay | Does This Look Infected 2 (APT41)
Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.
Read More
LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository
Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.
Read More
LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs
WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.
Read More
LABScon Replay | InkySquid: The Missing Arsenal
Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.
Read More
LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)
The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.
Read More
LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure
Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?
Read More
LABScon Replay | The Mystery of Metador
An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.
Read More
LABScon Replay | Demystifying Threats to Satellite Communications in Critical Infrastructure
Satellite communications are an integral part of many Industrial Control Systems, but their usage in critical infrastructure continues to be misunderstood.
Read More