Publication date: November 12, 2020

New talks at The Standoff: the art of the breach, protection from ransomware, and automation of honeypot

We continue to introduce you to the upcoming talks at The Standoff online conference. How do hackers break into IT systems step by step? Is it possible to recover data after a ransomware attack? Why should we automate honeypot? These questions will be answered by the speakers we are announcing today.

The art of the breach

Robert Sell, President of Trace Labs, will tell how hackers gain physical access to the equipment or area where the IT resources they strive to obtain are located. Such physical access is often required for the exploitation of various vulnerabilities.

The talk takes the attendees through a step-by-step process to get from the sidewalk to the president's filing cabinet so everyone can see not only the steps, but how an attacker would plan the entire event. This ensures that every single audience member will have at least one point of value to bring back to their office.

Investigations and bulletproof hosting

Vladimir Kropotov and Fyodor Yarochkin, researchers at Trend Micro, will tell about pivoting techniques in investigations of bulletproof hosters. Cyberattacks leverage network hosts for a variety of different purposes. Bulletproof hosting services are used to build C2 servers, deliver exploit payloads or for hosting phishing pages, as well as other components of an attacker's network infrastructure.

The speakers will highlight techniques of pivoting through indicators and tracing its origin.

Programmer vs ransomware

Dmitry Sklyarov, Head of Reverse Engineering at Positive Technologies, will tell how he managed to recover his friend's data and find online keys for many victims of STOP (Djvu) malware. To solve this problem, he had to think like a programmer.

Honeypot infrastructure and automation

Matthias Meidinger, Software Engineer at VMRay, will show how the plethora of collected data and payloads can be visualized and processed with as little manual work as possible. Honeypots can provide valuable insights into the threat landscape both on the open Internet as well as your internal network. But deploying them correctly, and interpreting activity on them, is not easy. This is a follow-up to the VB2020 talk "Like bees to a honeypot," which focuses on generated data, its visualization, as well as automation and integration of multiple systems.

COVID-19 and IS issues

In addition to the talks, The Standoff conference will also include a series of interviews with international IS experts. For instance, Costin Raiu, Director of the Global Research and Analysis Team (GReAT) at Kaspersky, will tell what impact sophisticated attacks have on healthcare at COVID-19 time. Also, Sergey Golovanov, Principal Security Researcher at Kaspersky, will answer the question of how to react to information security incidents during COVID-19.

All news