Isolating the Ghost in the Machine: Unveiling Post Exploitation Threats


Posted on in Presentations

During the past year IR teams and security researchers around the world witnessed a rise in the use of legitimate tools and common scripts in malware and APT attacks. This talk will explore the presenters’ research that focused on automating the analysis of PowerShell and Macro/VBA/VBS attacks by building a heuristic-based compiler engine that determines whether a script is malicious or not.
Participants
Uri Fleyder-Kotler

Participant

Advanced Threats Research Lab Manager, RSA Security

Rotem Salinas

Participant

Senior Security Researcher, RSA Security


Share With Your Community