Visibility Beyond Perimeters - Detecting C2 at Time of Execution

Explore a groundbreaking method for detecting malicious network intrusions in this 48-minute conference talk from BruCON Security Conference. Delve into the limitations of current detection techniques and discover a new approach that provides near-real-time alerting without relying on endpoint client software. Learn how this innovative technology leverages network IOCs beyond existing XDR platforms, offering consistent detection across all OS versions and vendors. Gain insights into detecting supply-chain attacks and partner vulnerabilities. Examine real-world examples from the CTI League's efforts to protect hospitals during the 2020 pandemic. Understand how this method can augment existing EDR solutions, potentially giving organizations extra time to prevent data breaches. Topics covered include the F51 vulnerability, Gray Noise, forensics, DNS IOCs, ransomware, trojans, and techniques for detecting various types of malware and botnets.

Intro
Why is this important
Showdown
F51 vulnerability
Who found F51
What we found
How we did this
Gray Noise
Forensics
Showdown Hunting
Pro Tips
Ingram Micro
DNS
DNS IOCs
Ransomware
trojans
CTI League
Answering malware
Detecting malware
Detecting botnets
Conclusion
QA