Events

BSides Denver 2017

Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more.

Even though BSides got its start as an “open source” event taking its contributors from rejected Black Hat talks, this isn’t the island of misfit toys. Quality content is delivered at all of them. Here is Mandiant’s Hunter Hardman talking advanced social engineering techniques he tends to shun, opting for email available and helpful soft Marketing and HR targets. Discussion afterwards broke out about the value of breakout news stories during red team projects, like the current political environment’s effect on employee healthcare plans in the US.

Kyle Chambers from municpal energy provider Austin Energy presented ideas and thoughts on smart city implementations, audits, smart meters and data collection, and real world integration experiences.

Considering the issues with IoT implementations and the immaturity of development cycles in the IoT space, along with the true nature of the risk involved, it’s a particularly alarming topic. And it’s great to see it being carefully discussed by organizations like Austin Energy.

Hope to see you at BSides Denver 2018!

BSides Denver 2017

Your email address will not be published. Required fields are marked *

 

Reports

Operation TunnelSnake

A newly discovered rootkit that we dub ‘Moriya’ is used by an unknown actor to deploy passive backdoors on public facing servers, facilitating the creation of a covert C&C communication channel through which they can be silently controlled. The victims are located in Africa, South and South-East Asia.

APT trends report Q1 2021

This report highlights significant events related to advanced persistent threat (APT) activity observed in Q1 2021. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Subscribe to our weekly e-mails

The hottest research right in your inbox