GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

Presented by

GReAT researchers: Costin Raiu, Kurt Baumgartner, Denis Legezo and Kaspersky's Honeypot Team

About this talk

Get the inside scoop on GReAT, Kaspersky’s Global Research and Analysis team, which works on uncovering APTs, cyber-espionage campaigns, major malware, ransomware and underground cyber-criminal trends across the world. ‘GReAT Ideas. Powered by SAS’ is a series of talks held by GReAT and aimed at sharing their latest expertise on hot tech topics. Inspired by the regular team internal meet-ups, as well as by the Security Analyst Summit’s friendly atmosphere of exchanging knowledge, this series will empower you with information about the threat landscape, the most recent cases and techniques used in the cybersecurity world, directly from the experts themselves. Here is what you will learn during this webinar: Linking attacks to threat actors: case studies In this talk, Kurt Baumgartner will examine recent APT alerts and discussions, and how to get the jump on how or why this malware is connected with past activity. In particular, we will start with 2020 Kwampirs and Lazarus reporting and present details on these malware techniques. Threat hunting with Kaspersky’s new malware attribution engine Kaspersky introduces a new malware attribution engine, which has evolved from an internal tool used by Kaspersky’s GReAT. This technology was already leveraged in the investigation of a number of renowned APT campaigns, such as TajMahal, ShadowHammer, ShadowPad and Dtrack. See how it works in a demo by Costin G. Raiu, the director of GReAT Microcin-2020: GitLab programmers ban, async sockets and the sock In this current campaign, the threat actor Microcin is still using steganography, keeping his interest in diplomatic entities, but has improved the last-stager in an interesting way. Learn about it directly from Denis Legezo, the researcher who analyzed it. The next generation IoT honeypots Kaspersky Honeypots Team will show you the techniques and new kicks in the next generation of honeypot infrastructure being developed by Kaspersky
Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (257)
Subscribers (60050)
On this channel, Kaspersky experts share their knowledge and key insights into high-fidelity threat hunting and intelligence, incident management, malware analysis, reverse engineering, security solutions, and several other vital aspects of the cyberworld. To keep you up to date, the experts also provide detailed webinars and workshops on how Kaspersky security solutions and services can halt and prevent a vast range of malicious attacks conducted by cybercriminals. Kaspersky is a global cybersecurity and digital privacy company that has been providing protection for 25 years, with over 400 million users from more than 200 countries. Kaspersky experts' mission is to help you find the perfect weapon to protect against any cyberthreat, carried out by even the most sophisticated cybercriminals. Kaspersky researchers are top-notch cybersecurity and protection technology experts, who regularly take part in leading information security events worldwide as best-in-class speakers. Kaspersky’s deep threat intelligence and security expertise is constantly being transformed into innovative security solutions and services that protect businesses, critical infrastructure, governments and consumers around the globe. Subscribe and learn more about the latest cybersecurity discoveries on the threat landscape and how to defend against them. Contact us at