Events

Hello from Infiltrate 2013

Today is the second and last day of Infiltrate 2013 which is taking place in Miami Beach.
It’s my first time at Infiltrate and so far I’ve been really enjoying the conference.

The opening keynote by Chris Eagle definitely set the tone for the rest of the con, with a very clear focus on offense.
Chris shared his own view on various issues concerning how the US Armed Forces – and the Navy in particular – deal with educating people on cyber.
One of the bits I found particularly interesting was the title 10 issue. Many of the experts creating cyber-tools, which would make them best equipped to handle them, are civilians.
However under title 10 only military personnel can actually ‘pull the trigger’. You can see how this can be problematic.

An additional issue raised was the problem of getting – and retaining – people who are well-trained. One suggestion was to have the military pay for people’s education and have them serve a few years in return. This is similar to what the USAF does with the pilots it trains.
This is something I’ve suggested as well and frankly I think this approach can’t arrive soon enough.

Dave Aitel opening day two

Greg Hoglund is going to close the conference talking about the issues around “Hacking Back” and Active Defense.
There’s been quite a lot of talk about these topics as of late. It was one of the major topics at the Suits & Spooks conference which took place in D.C. a few months ago.
Surely we’ll be revisiting these topics some more at the bar tonight.

Hello from Infiltrate 2013

Your email address will not be published. Required fields are marked *

 

Reports

Focus on DroxiDat/SystemBC

An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.

APT trends report Q2 2023

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

Meet the GoldenJackal APT group. Don’t expect any howls

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

Subscribe to our weekly e-mails

The hottest research right in your inbox