Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

Update: 2024-03-05

Description

Network-based detections, such as those developed by threat detection engineers using tools like suricata and snort signatures, play a crucial role in identifying and mitigating cyber threats by scrutinizing and analyzing network traffic for malicious patterns and activities.

Today’s guest is Isaac Shaughnessy, a Threat Detection Engineer at Proofpoint. Isaac shares his insights into the challenges of detecting and mitigating malware, especially those using social platforms for command and control. He emphasizes the team's engagement with the InfoSec community, highlighting the value of platforms like Twitter and Mastodon for sharing and receiving information.

We also dive into:

the unique challenges of crafting effective signatures
the specifics of malware, focusing on Vidar stealer and highlighting the dynamic nature of Vidar's command and control infrastructure
the distribution methods of these malware strains, from email campaigns to unconventional tactics like using video game platforms and social media for luring victims

Resources mentioned:

Intro to Traffic Analysis w/ Issac Shaughnessy
Emerging Threats Mastodon: https://infosec.exchange/@emergingthreats
Threat Insight Mastodon: https://infosec.exchange/@threatinsight
Vidar Stealer Picks Up Steam!

For more information, check out our website.

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

Guarding the Vote: Unmasking Cyber Threats in Election Season

2024-09-1732:38

Very Mindful, Very APT: Inside the Activity of Current Espionage Actors

2024-09-0449:36

Rebel Security Training: Cyber Lessons from A Galaxy Far, Far Away

2024-08-2003:38

The Art of Frustrating Hackers: Diving Into the DEaTH Cycle with Randy Pargman

2024-08-0652:36

The Hunt for Cyber Criminals: A Deep Dive with Wired's Andy Greenberg

2024-07-2455:37

Have you heard: Only Malware in the Building?

2024-07-1503:10

Malware Evasion Uncovered: The Battle Against Evolving Malware Techniques

2024-07-0933:53

Checkmate: Breaking Down Operation Endgame

2024-06-2546:57

Hacking the Human Mind: How Cyber Attackers Exploit Our Brains

2024-06-1117:37

Decrypting Cyber Threats: Tactics, Takedowns, and Resilience

2024-05-2913:58

It Works on My Machine: Why and How Engineering Skills Matter in Threat Research

2024-05-0846:55

Decoding TA4903: Exploring the Dual Objectives of a Unique Cyber Threat Actor

2024-04-0240:57

A Trip Down Malware Lane: How Today's Hottest Malware Stacks Up Against Predecessors

2024-03-1956:22

Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

2024-03-0527:23

From Attribution to Advancement: Red Canary’s Katie Nickels Tackles CTI’s Biggest Questions

2024-02-2047:04

Beyond the Headlines: Reporting on Sensitive Cybersecurity Topics to Resonate with Everyone

2024-02-0655:39

Strategies for Defense and Disruption: Part Two of Predicting Cyber Threats in 2024

2024-01-2301:06:17

Phishing, Elections, and Costly Attacks: Part One of Predicting Cyber Threats in 2024

2024-01-0945:00

Jingle Bells, Phishing Tales: Reflecting on Cybersecurity in the Holiday Spirit

2023-12-2601:04:59

I Know This Might Sound Crazy but Russia’s TA422 Blasted Lots of Exploits

2023-12-1250:39

00:00

Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

#box-pro-ellipsis-172677658871875{-webkit-line-clamp:2;}Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

Hiding In Plain Sight: Unique Methods Of C2 From Infostealers

Proofpoint

Hiding In Plain Sight: Unique Methods Of C2 From Infostealers