LABScon

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs

LABScon / January 11, 2023

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.

Read More

PDF

LABScon

LABScon Replay | InkySquid: The Missing Arsenal

LABScon / January 4, 2023

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.

Read More

PDF

LABScon

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

LABScon / December 29, 2022

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.

Read More

PDF

LABScon

LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure

LABScon / December 15, 2022

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?

Read More

PDF

LABScon

LABScon Replay | The Mystery of Metador

LABScon / December 1, 2022

An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.

Read More

PDF

LABScon

LABScon Replay | Demystifying Threats to Satellite Communications in Critical Infrastructure

LABScon / November 17, 2022

Satellite communications are an integral part of many Industrial Control Systems, but their usage in critical infrastructure continues to be misunderstood.

Read More

PDF

LABScon

LABScon Replay | Are Digital Technologies Eroding the Principle of Distinction in War?

LABScon / November 10, 2022

In recent conflicts, digital technology has become weaponized, eroding the traditional barriers that divide the roles of civilians and combatants.

Read More

PDF