Investigating and defending against Malware Operations
Format
40 minutes of presentation, and then questions, feedback...
Materials
- Brain
Introduction
Targeted attacks are bad. I mean, technology was supposed to bring health, peace and happiness for everyone, and now we have people working hard in NGOs who are monitored in everything they do by foreign governments. What happened to our dreams?
Planning
- Introduction
  I will state some high-level generalities about targeted attacks, because it is always cool to start with very generic stuff. In my case, I will give an overview of how bad the situation is for some Tibetan NGOs.
- Example 1: KeyBoy malware family
  An example from a report published in November. We won't go into too much technical detail, but I may say the words "assembly", "passive DNS" or "exploit". Bring your jargon ball and feel free to send them as often as needed!
- Example 2
  Another, more recent example with some weird emails in it.
- Conclusion
  Short conclusion because it is needed. That's the part where I try (successfully or not) to explain the difficulty in this research.
- Discussion and Feedback
  My work: answering your questions and learning from them.
  Your work: bring all your ideas about how to do better work and how to improve this presentation (which will be updated for IFF thanks to your feedback).
Glossary
Targeted Attacks
An attack using malware or phishing emails, carried out by an organized group (here we will consider only attacks against civil society groups).
Follow-up Resources & Materials
Credits & Attribution
Kudos to the fellow fam, love you folks <3