GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

Get the inside scoop on GReAT, Kaspersky’s Global Research and Analysis team, which works on uncovering APTs, cyber-espionage campaigns, major malware, ransomware and underground cyber-criminal trends across the world.

‘GReAT Ideas. Powered by SAS’ is a series of talks held by GReAT and aimed at sharing their latest expertise on hot tech topics. Inspired by the team’s regular internal meet-ups, as well as by the Security Analyst Summit’s friendly atmosphere of knowledge exchange, this series will give you information about the threat landscape and the most recent cases and techniques used in the cybersecurity world, directly from the experts themselves.

Here is what you will learn during this webinar:

  • Linking attacks to threat actors: case studies
    In this talk, Kurt Baumgartner will examine recent APT alerts and discussions, and show how to get the jump on how or why the malware involved is connected with past activity. In particular, we will start with 2020 Kwampirs and Lazarus reporting and present details on these malware techniques.

  • Threat hunting with Kaspersky’s new malware attribution engine
    Kaspersky introduces a new malware attribution engine, which has evolved from an internal tool used by Kaspersky’s GReAT. This technology has already been used in the investigation of a number of renowned APT campaigns, such as TajMahal, ShadowHammer, ShadowPad and Dtrack. See how it works in a demo by Costin G. Raiu, the director of GReAT.

  • Microcin-2020: GitLab programmers ban, async sockets and the sock
    In its current campaign, the threat actor Microcin is still using steganography and remains interested in diplomatic entities, but has improved the last-stager in an interesting way. Learn about it directly from Denis Legezo, the researcher who analyzed it.

  • The next generation IoT honeypots
    The Kaspersky Honeypots Team will show you the techniques and new kicks in the next generation of honeypot infrastructure being developed by Kaspersky.