Daniel Cuthbert & Vlad Ovtchinikov, SensePost

Daniel Cuthbert is the Chief Operating Officer at SensePost, with a career spanning 20+ years in penetration testing, red teaming and secure software design. He is the original co-author of the OWASP Testing Guide, released in 2003, and is now the co-author of the OWASP Application Security Verification Standard (ASVS).

Vlad Ovtchinikov is currently employed as a Senior Security Analyst for SensePost. As well as performing large-scale social engineering and red-team exercises against FTSE 100 clients, he is a trainer for SensePost’s BlackOps master offensive security course at Black Hat. One of his research roles at SensePost is to ensure that the company keeps up with the techniques used to bypass HIPS defensive solutions.

About the lecture - Peeking behind the commercial malware curtain

The commercial malware market has exploded in the last 24 months. From a small cottage industry has risen a behemoth offering infection, disruption and attack services to those with enough capital to fund extensive campaigns.

Mirroring the legitimate commercial software market, this underground industry is now responsible for some of the larger compromises in recent months. But who makes up this market? How do you gain access to the malware on sale and what exactly is on offer?

This talk delves into the research performed by SensePost in the last few years and explores who is involved, the size of the market and who the big players (and their clients) are. We showcase examples of the support structure in place for malware, the capital required to purchase and the various capabilities on offer between the sellers. APT malware has been around for years in the threat landscape, and much has been said and written on the ethics of underground malware, but not a lot has been covered about its commercial and government-driven

In this talk we will try to fill the gap with a comparative analysis of commercial malware leaked during the last two years, covering its market motivation and its technical capability across multiple Server/Desktop and Mobile platforms:
Command and Control infrastructure.
OS coverage.
Vectors of stage delivery.
Persistence and escalation methods.
HIPS evasion capability.


Daniel Cuthbert

Vlad Ovtchinikov
Twitter: @v1ad_o

© 2017 Watchcom Security Group AS··Phone (+47) 22 45 91 50