Adventures with Cybercrime Toolkits - Insights for Pragmatic Defense

Explore pragmatic defense strategies against cybercrime in this 16-minute conference talk from USENIX Enigma 2020. Delve into the world of exploit kits and learn how to turn cybercriminals' weaknesses into opportunities for effective countermeasures. Discover reactive, proactive, and offensive approaches to combat cybercrime, including identifying active exploit kits, infiltrating and taking down live kits, and developing real-time threat detection methods. Gain valuable insights on adapting defensive tactics to stay ahead in the cybersecurity arms race and understand how to leverage flaws in cybercriminals' tools and strategies for more robust protection.

Intro
Adventures with Cybercrime Toolkits: Insights for Pragmatic Defense
Probing exploit kits to milk behavioral fingerprints
Controlled probing of exploit kits to milk behavioral fingerprint
Leveraging blind spots in exploit kits to turn the table on cybercriminals
Take advantage of flaws in exploit kit code to fight back
Who will be using such a strategy and and for what?
Defense capability gained
How complex is a concrete exploit?
Lesson for pragmatic defense
In the cybercrime arms race, how do we improve the state of defense?
Takeaways 1: Just Like defenders, cybercriminals have blind spots in coding, configuration, and deployment of their exploit toolkits.