Name: Formatting for Justice: Crime Doesn't Pay, Neither Does Rich Text
Start: 2017-12-08T09:40:00+0100
End: 2017-12-08T10:10:00+0100

Back To Schedule

Formatting for Justice: Crime Doesn't Pay, Neither Does Rich Text

Due to it’s flexibility and capacity for embedding other objects, the rich text format (RTF) is a preferred file type used by both precision and quantity focused threat actors. This presentation will discuss the state of threats making use of the file format and provide a brief overview of how the file format is constructed. The presentation will also explain results of exploratory experiments conducted to achieve a deep comprehension of the file format’s structure. Best practices for building protections in organizations will be discussed. Techniques developed while hunting for specific features across large sample sets will be shared.

Speakers

Anthony Kasza

Senior Threat Researcher, Palo Alto Networks

Anthony Kasza is a Senior Threat Researcher for Palo Alto Networks. At Palo Alto Networks, Anthony is responsible for discovering new and tracking known threats to ensure context around customer detections. Prior to Palo Alto Networks, Anthony was responsible for creating scalable... Read More →

Friday December 8, 2017 09:40 - 10:10 CET
Corum

Presentation

Topic Botnet artefacts / traces / detection, Malware distribution (botnet related), Reverse engineering of malware (botnet related)

Botconf 2017

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Anthony Kasza