Tue 13 December 2022 | 6:30 pm - 8:30 pm

The Security Research meetup is a great occasion to connect with other security researchers or developers, by discussing all things security, sharing tips and tricks for creating exciting insights, discussing variant analysis and other security research techniques, integrating with developer and security response workflows, and more.

We will start with 30 minutes of mingling and then dive right into 3 GREAT talks from cybersecurity experts.

Ido Rozen / Security Research Lead @ Transmit Security
Phishing, not what you thought

Sharon Brizinov / Director of Security Research @ Claroty
Evil PLC Attack

Boaz Katzir / Cyber Threat Intelligence Team Leader @ Fortinet
Making the most out of YARA

The event will include Beers & Pizzas

Phishing, not what you thought
Social engineering is the psychological manipulation of people into performing specific goal-oriented actions that ultimately lead to divulging confidential information. All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases. Social engineering scams are on the rise and easy step-by-step guides are everywhere on the web.

We will start by understanding the origins of social engineering and then explore a few interesting examples and methods, taking a sightseeing ride through various interesting repositories that deal head-on with phishing scam creation.

Evil PLC Attack
These days, Programmable Logic Controllers (PLCs) in an industrial network are a critical attack target, with more exploits being identified every day. But what if the PLC wasn’t the prey, but the predator? This presentation demonstrates a novel TTP called the “Evil PLC Attack”, where a PLC is weaponized so that when an engineer tries to configure or troubleshoot it, the engineer’s machine gets compromised.

We will describe how engineers diagnose PLC issues, write code, and transfer bytecode to PLCs for execution with industrial processes in critical sectors, including electric, water and wastewater, heavy industry, and automotive manufacturing. Then we will describe how we conceptualized, developed, and implemented different techniques to weaponize a PLC in order to achieve code execution on an engineer’s machine.

Making the most out of YARA
YARA rules appear to be quite simple, and in fact, writing one is incredibly easy. They became so common that attackers have adopted techniques to evade them.
In this meetup we will discuss how to utilize this tool against a wide variety of advanced and evasive malware, using real-world case studies.

The talk will cover the latest updates to the YARA engine and how to utilize them for our benefit.
We’ll explore how attackers try to make our work harder and how we can deal with that using manual and automated procedures.
We will also compare different rules and techniques to understand how to create long-lasting, hard-to-evade rules, which will enable you to detect malware samples before any AV will.
