The Trojan Horse inside the Trojan Horse: Tackling C2 Communications

Join us at the "The Trojan Horse inside the Trojan Horse: Tackling C2 Communications" webinar where you will learn:

1. Understand AnubisNetworks’ Cyberfeed service, and how it may help your organization to support your threat intelligence program.

2. Understand how to use Cyberfeed to trace back an infection and understand its behavior.

3. Answer these questions:
• What’s happening in country X and network
• How is botnet XPTO spreading?
• Can you send me the report of Y every day at 7 am?
• Can I get a report for ASN Corporation Z?
Recorded Nov 19 2014 50 mins
Presented by
João Gouveia - AnubisNetworks' CTO
  • Nivdort: A long lasting threat with a big bag of tricks Recorded: Nov 8 2016 44 mins
    Tiago Pereira – Threat Intel Researcher, at AnubisNetworks
    Nivdort is a malware family that has been around for several years. Over these years it has been subject to several improvements and, as a result, today it is a very interesting piece of malware with an uncommonly large number of features that has steadily kept a few botnets running with a high number of infections.

    Join us on this webinar to learn more about the Nivdort family and some of its extensive list of tricks (e.g. DGA, P2P, information stealing, email spam, instant messaging spam, bitcoin mining), and about its worldwide infection distribution.
  • The Security Risks of Orphaned Network Traffic Recorded: Aug 10 2016 47 mins
    João Gouveia, CTO, AnubisNetworks
    As part of our research work focused on identifying automated network traffic that we can relate to malicious behavior and botnet communications, we often come across traffic that is not necessarily related to malicious intent, but that represents a high risk for the companies allowing it to occur on their networks.

    Often associated with abandonware, policy control failures, or misconfigurations, these traffic patterns end up exposing company information and assets to multiple risk levels.

    On this webinar, we are going to explore this byproduct of our botnet research, how widespread this problem is, how we can use this to relay risk information to companies, and the several degrees of exposure and impact that this type of traffic can represent.
  • Cyberfeed: How CERTs Can Respond to Country-wide Malware Campaigns Recorded: Jun 8 2016 28 mins
    AnubisNetworks Product Management
    CERTs and CSIRTs need the proper tool to understand the malware threats ongoing within their portfolio of constituents, and also to obtain a real and timely view of the infection landscape worldwide, per industry, sector, and country.

    We have leveraged our renowned Cyberfeed threat Intelligence and developed a Platform specifically designed for Incident Response and Situational Response.

    This presentation shows our work, but also hints at the features all CERTs should have to achieve their goals.
  • Overview of the Ransomware scene in 2016 Recorded: May 10 2016 38 mins
    AnubisNetworks, Senior Threat Intel Researcher
    Ransomware is on the rise. In the first quarter of 2016 alone, a dozen new families have emerged, with Locky leading the way. This webinar will summarize who the new players are and their technical ability to compete in the ransomware market against the well-established TeslaCrypt and Cryptowall. We will also dive into how companies can protect themselves against ransomware in general and some of this malware in particular.
  • P2P File-sharing Crowd Sourced Malware Distribution Recorded: Mar 16 2016 32 mins
    Anubis Networks, Threat Intel Researcher
    BitTorrent is a very well-known protocol for large file distribution over the internet and it’s used by every industry, from Linux distributions to copyrighted software, and also for more questionable uses. Loved and hated by many, it is today unquestionably part of the internet landscape.

    With over 300 million users swapping files via BitTorrent every month, according to startup Tru Optik, with little or no supervision or control, it has also become an important target for malware distribution, exploited by criminals worldwide, making both users and organizations victims.

    In this session we will present research done by the AnubisNetworks Labs team that shows how BitTorrent is an infection vector used by malware creators to compromise machines at a global scale, with minimum effort.

    We will provide a historic view of the evolution of P2P networks from early players such as E-Mule, Napster and Kazaa, and highlight the BitTorrent protocol and how it works. The methodology used in this research unveiled which applications and operating systems are more vulnerable but, more importantly, which botnets are more commonly shipped with torrents and what type of risk they pose to users and organizations.


    · Why P2P file sharing is a security risk to both users and organizations

    · How malware is disseminated using different types of applications

    · Most common types of malware shipped with torrents
  • Dridex: Chasing a Botnet from the Inside Recorded: Dec 2 2015 48 mins
    AnubisNetworks Labs Team
    In light of recent news about the Dridex takedown, the AnubisNetworks Labs team would like to use this webinar to share with the community some of the efforts undertaken during this investigation led by the NCA, with our participation, to track this malware and exploit its communication channels.

    In March 2015, AnubisNetworks Labs team started analyzing multiple malware samples of the Dridex family which ultimately led to running a fake node inside Dridex botnets.

    Dridex has been around since November 2014 and it is an evolution of the malware families known as Bugat, Geodo, Feodo and Cridex. The malware is distributed via email, with a malicious Microsoft Word document as an attachment which, once opened, downloads a second-stage payload that infects the system.

    Primarily targeting homebanking users, it is a malware with various capabilities including man in the browser, keylogger, proxy and VNC. It features a peer-to-peer (P2P) network and uses cryptography on its communication channels.

    Dridex botmasters are very active, launching new campaigns against different geographies and hardening the botnet infrastructure with new countermeasures and command and control systems on a regular basis. By hiding inside Dridex, our researchers compiled and gained knowledge about this botnet's modus operandi.

    In this webinar AnubisNetworks´ security team will share the research done, focusing

    Key takeaways from this webinar:
    · Map Dridex infections of associated botnets;

    · Understand the complexity of Dridex communication channels;

    · How we run a fake Dridex node
  • From Detection to Mitigation, Closing the Loop on the Threat Intelligence Cycle Recorded: Sep 15 2015 39 mins
    Valter Santos, Threat Intelligence Researcher, AnubisNetworks
    Threat intelligence could mean different things to different people, but for AnubisNetworks it is defined as stopping cyber threats by providing actionable threat intelligence from the moment a breach is detected until it is solved.

    By combining Cyberfeed technology with the excellence and expertise of the AnubisNetworks security team, this webinar will help you understand the roadmap your organization needs to follow to keep safe against cyber threats.

    In this webcast we will describe how to use Cyberfeed capabilities to support incident response inside an organization. With real-time alerting, we will guide you through tracking a malware infection with network and host-based indicators of compromise, with memory forensic analysis along the way.
  • Anatomy of a Botnet – Dissecting and Malware analysis Recorded: Jun 9 2015 43 mins
    Tiago Pereira, Threat Intel Researcher at AnubisNetworks
    Knowing that your company has been compromised is just the first step in a long road to erase the threat.

    Many companies take weeks and sometimes months to address compromised machines due to a lack of real-time notifications or, in many cases, a deep understanding of the malware profile.

    Tiago Pereira, Threat Intel at AnubisNetworks, will share the methodology used by AnubisNetworks, which combines Cyberfeed threat intelligence capabilities with the expertise of the security team to dissect and understand the botnet behaviour, destroying capabilities and threat risk for organizations. The first part of the webinar will be dedicated to explaining the methodology and the second to how it was applied in a real case study.

    In this webinar you will learn:
    - AnubisNetworks’ sinkhole techniques and botnet research methodology
    - Case study: understand a botnet:
      o DGA mechanisms
      o Decipher the network protocol
      o Uncover the malware capabilities
  • Cyberfeed New Release Presentation Recorded: Apr 2 2015 37 mins
    Nuno Periquito
    AnubisNetworks Adds Powerful New Features to Cyberfeed Security Intelligence Service.
    New Cyberfeed release delivers more visibility into cyber threat vectors and improved enrichment and correlation, providing actionable threat intelligence, as recently attested by Europol in major Ramnit takedown
  • Catch me if you can: The Hunt for Hidden Botnets Recorded: Mar 17 2015 48 mins
    João Gouveia, CTO, AnubisNetworks
    Botnet sophistication is increasing at an astonishing speed. Malicious actors continually use new resources and develop new methods for attacking organisations for a myriad of reasons but with a simple purpose: to look for vulnerabilities in the whole operating environment and compromise an organisation’s security.

    It is estimated that about 16% to 25% of Internet traffic in the world comes from communication between various types of malware. Without an adaptive security approach it becomes challenging for any organisation to process and analyse the sheer volume of data being generated, which is why a different approach is critical. It should involve identifying botnet activity using new methods that leverage automation and machine learning techniques, which are best suited to help tackle this challenge.

    Join João Gouveia, CTO of AnubisNetworks for a discussion focused on the most common botnet evasion techniques and how to fight them. This webinar will highlight Cyberfeed’s (AnubisNetworks threat intelligence solution) capabilities, to present a cutting edge approach on botnet activity identification, related traffic and risk level.

    In this webinar you will learn:

    • The main challenges and the current Malware landscape

    • Botnet invasion techniques

    • A holistic approach to detecting botnet activity, correlating different attack vectors and techniques
  • The Trojan Horse inside the Trojan Horse: Tackling C2 Communications Recorded: Nov 19 2014 50 mins
    João Gouveia - AnubisNetworks' CTO
    Join us at the "The Trojan Horse inside the Trojan Horse: Tackling C2 Communications" webinar where you will learn:

    1. Understand AnubisNetworks’ Cyberfeed service, and how it may help your organization to support your threat intelligence program.

    2. Understand how to use Cyberfeed to trace back an infection and understand its behavior.

    3. Answer these questions:
    • What’s happening in country X and network
    • How is botnet XPTO spreading?
    • Can you send me the report of Y every day at 7 am?
    • Can I get a report for ASN Corporation Z?
  • The Rubik’s Cube of Threat Intelligence - CLOSING THE LOOP ON LIVE MALWARE AWARE Recorded: Oct 9 2014 3 mins
    Nuno Periquito - Head of Marketing
    - Learn how AnubisNetworks delivers actionable threat intelligence by combining real-time and large volumes of relevant data from various complementary sources.
    - Strategies for correlating information from distinct propagation vectors and malware analysis, resulting in the closure of the loop through sinkholing infrastructure, providing 360º visibility over the malware landscape. AnubisNetworks’ Cyberfeed utilizes a unique and innovative approach to threat intelligence that focuses on mapping malware campaigns along with method and propagation vectors
  • THE RUBIK´S CUBE OF THREAT INTELLIGENCE Recorded: Sep 17 2014 48 mins
    João Gouveia, CTO, AnubisNetworks & Javvad Malik, Senior Analyst, 451 Research
    Like the Rubik´s cube, where to successfully complete the puzzle you need to look at all faces, the same principle applies to any type of cyber threat. If your organization focuses on only one face of the threat then it loses sight of the bigger picture thus creating a false sense of safety.

    The real challenge is providing actionable threat intelligence to organizations and the only way to achieve this is to have a 360º view of the threat by encapsulating data from a rich variety of sources, processing large volumes of relevant data while delivering results in real-time and providing a holistic view of the threat to support informed decisions and prioritize action plans.

    Join Javvad Malik of 451 Research and João Gouveia, CTO of AnubisNetworks, for a discussion on why organizations must strive to gain full visibility of a threat´s many faces, correlating different attack vectors such as email and web in real time through processing of all relevant security events.

    In this webinar you will learn:

    • about the current Threat Intelligence landscape and its limitations.

    • how to deliver actionable threat intelligence by combining real-time and large volumes of relevant data from various complementary sources.

    • strategies to correlate information from propagation vectors such as email, with the analysis of the malware itself, and then closing the loop with the sinkholing infrastructure in order to gain 360º visibility over the malware landscape
  • 360º Approach on the Malware Landscape Recorded: Sep 15 2014 3 mins
    This is the story that unveils the technology behind AnubisNetworks’ threat intelligence solution, Cyberfeed, and how it helps organizations worldwide to understand and mitigate cyber threats.
    Cyberfeed takes an innovative and holistic approach to threat intelligence by focusing on mapping the malware campaign, method and propagation vectors.
  • Cyberfeed - Delivering Real Security in Real-Time against Real Threats Recorded: Aug 12 2014 4 mins
    Nuno Periquito - Head of Marketing
    Every day we're exposed to news of cyber-attacks taking place across the globe. Right now millions of computers are infected with malware trying to obtain sensitive data, representing a real threat to every nation or organization. This video will present how Cyberfeed can play a critical role in the early detection of cyber-threats, by combining a rich variety of sources with the processing of large volumes of relevant data while delivering results in real-time. A new and powerful approach to fighting cyber-crime for organizations and government agencies.
Accessible Threat Intelligence
About AnubisNetworks' Service, Cyberfeed, and about the ongoing Investigations of AnubisNetworks Security Research team.

This channel primarily targets the Threat Intelligence community, for presenting some of our Research Labs investigations.

This channel also aims at interacting with Business Level Technology personnel, to showcase our Threat Intelligence Products and Services.

  • Title: The Trojan Horse inside the Trojan Horse: Tackling C2 Communications
  • Live at: Nov 19 2014 2:00 pm
  • Presented by: João Gouveia - AnubisNetworks' CTO