Description: One of the biggest problems many in this industry have is taking advantage of good intelligence sources such as VirusTotal and using them to stay one step ahead of the attacker. If you get some intel, how far can you really pivot with that information? If you can write YARA rules, not only can you track these waves of phishing campaigns, you can actually stop them. I will show you some research I have been working on and how I can take one phishing document and find thousands more just like it to identify all of the C2 servers, not just one or two. Get ready to track the threat groups yourself!
For More Information Please Visit: http://grrcon.com/
http://www.irongeek.com/i.php?page=videos/grrcon2016/mainlist