Steganography + Malware - a Match Made in Hacker Heaven

Logo
Presented by

Ira Winkler, Security Evangelist

About this talk

Steganography has been used for centuries to hide a secret message in an otherwise harmless container. Its latest iteration is a malware delivery vehicle. In this webinar we will review how malware developers use steganography for their devious purposes. Traditionally, steganography was leveraged for covert communication (e.g., exfiltration of sensitive data from an organization in the way that bypasses DLP and other security controls). More recently, it has become a carrier for malware. For example, in the latest attack targeting a Nyotron customer, that our endpoint prevention and response (EPR) solution detected and blocked, the Ursnif banking trojan attempted to use steganography to insert a malicious Powershell script into the organization. Join us for a brief overview of steganography, its use in the physical and digital worlds, followed by a step by step walkthrough and demo of a recent attack leveraging steganography. Presenter: Ira Winkler is recognized as one of the world's experts in Internet security, information warfare, information-related crime investigation, and industrial espionage. Mr. Winkler began his career at the National Security Agency (NSA), where he performed cryptoanalysis and was responsible for systems design and implementing security for intelligence collection and analysis systems. Ira Winkler is the author of multiple cybersecurity books.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (13)
Subscribers (2835)
Nyotron pioneers a new generation of automatic Endpoint Detection and Response with integrated protection called Endpoint Prevention and Response (EPR). Our product prevents damage from malware that evades existing security layers and offers granular visibility into the attack. Based on the OS-Centric Positive Security, Nyotron's PARANOID automatically whitelists trusted operating system behavior and rejects everything else. No manual threat hunting, baselining, machine learning or cloud connectivity required. With PARANOID organizations gain true defense-in-depth protection against the most advanced attacks. Nyotron is headquartered in Santa Clara, CA with an R&D office in Israel. To learn more, visit www.nyotron.com.