Events

Looking back at BlackHat

BlackHat USA may have been wrapped up for the year but DEFCON is in full swing.
I didn’t stay around for DEFCON though, which means I finally have some time to reflect on BlackHat.

This year featured the first time Apple presented at BlackHat, about iOS security.
While the presentation lacked the details usually seen in BH talks it definitely showed Apple is trying to open up. Being (more) communicative is vital to doing security response right.

This is of particular importance for Apple as there were quite a few talks focusing on Apple’s security. Ranging from attacks on iOS to Mac-oriented EFI rootkits.

Morgan Marquis-Boire’s talk on malware attacks targeting activists in the Middle East was of particular interest, amongst others disclosing the finding of FinFisher malware.
FinFisher – which is sold to governments – has been discussed in the past but up until now samples had never been found. See a blog post on the topic here.

Overall it was another very interesting conference and I’ll be looking forward to see what the next BlackHat will bring.

David and Nikita at BlackHat

Looking back at BlackHat

Comment

Your email address will not be published.

 

Cancel

  1. Waffa

    The blog post link has died out.

    If we would only know that there is ways be on computer electronic that can monitor and track humans.. 🙂

    Spiritual ware and spy systems 😉

Reports

The SessionManager IIS backdoor

In early 2022, we investigated an IIS backdoor called SessionManager. It has been used against NGOs, government, military and industrial organizations in Africa, South America, Asia, Europe, Russia and the Middle East.

APT ToddyCat

ToddyCat is a relatively new APT actor responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’.

WinDealer dealing on the side

We have discovered that malware dubbed WinDealer, spread by Chinese-speaking APT actor LuoYu, has an ability to perform intrusions through a man-on-the-side attack.

APT trends report Q1 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q1 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox