SpeedTalk (Pentera) - The LOLBAS Odyssey: Tracing the Path of Finding Hidden Gems in Executables
September 26, 2024 (GMT +8)
13:00
Ballroom 1 & 2
LOLBAS (Living-off-the-Land Binaries And Scripts) are used in almost every cyber attack campaign, yet are often overlooked. Most systems are equipped to detect the large number of known LOLBAS binaries, however, the potential number of unknown LOLBAS binaries might be even greater. Luckily, a rote assignment ended up sparking a new research initiative, increasing the number of known LOLBAS downloaders by 25%. And there's more yet to come. In this session, we'll trace the path to find new hidden LOLBAS gems in executables so that Red Teamers can uncover their own and Blue Teamers can proactively protect against these new threats.
Speaker
Nelson Santos Security professional with years of experience in both attack and defense teams. He holds multiple top-tier security certifications and has trained under some of the best know researchers in the field. His interests range from exploit development and vulnerability research to machine learning and artificial intelligence. In his free time, Nelson enjoys sailing, playing with his toddler son, and long walks on the beach.
« Back