14

3rd Meetup – Hunting Ghost RAT Using Memory Forensics

In this awesome presentation, Monnappa KA explained the details of Ghost RAT malware used in various Cyber Espionage attacks. He showcased the sandbox analysis, traffic pattern and decrypting the communications of Ghost RAT from packet capture. He also demonstrated both manual and automated method of detecting and decrypting the communications of Ghost RAT using memory […]

0

3rd Meetup – Anatomy of Exploit Kits

In this awesome presentation, Sameer Patil explained the concept of Exploit Kits and its working with some interesting case studies. He also covered various phases of exploitation and demonstrated the analysis of Nuclear and Fiesta exploit kits.   Presentation:   Video Demo 1:   Video Demo 2:

12

2nd Meetup – Reversing and Decrypting the Communications of APT Malware

In this awesome presentation, Monnappa explained about Etumbot malware used in a Cyber Espionage attack.  He showcased the sandbox analysis, Reverse engineering and Decrypting the communications of Etumbot Backdoor using practical video demonstrations.    Presentation:   Video Demo 1:   Video Demo 2:   Video Demo 3:   References: http://www.arbornetworks.com/asert/2014/06/illuminating-the-etumbot-apt-backdoor/ http://www.fireeye.com/blog/technical/botnet-activities-research/2014/09/darwins-favorite-apt-group-2.html

14

Meetup 1 – Watering Hole Attacks Case Study and Analysis

In this presentation Monnappa showcased a novel concept in security arena – “Watering Hole Attack”. He presented various exploitation methods around it using the practical video demonstration.   Presentation:   Video Demonstration: References: žhttp://about-threats.trendmicro.com/RelatedThreats.aspx?language=au&name=Watering+Hole+101 http://www.fireeye.com/blog/technical/cyber-exploits/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html http://www.securityweek.com/new-ie-10-zero-day-used-watering-hole-attack-targeting-us-military žhttp://blogs.cisco.com/security/watering-hole-attacks-target-energy-sector/