Botconf 2025 – The Botnet & Malware Ecosystems Fighting Conference – 11th edition

Nice presentation by Victor Chebyshev at @botconf on #LightSpy2, the next stage payload dropped by #DragonEgg and #Wrmspy attributed to APT41 https://youtu.be/dk-9X5FczPY?feature=shared #Botconf2024
LightSpy2 feature rich mobile surveillance tool set - Victor Chebyshev

#Botconf2024 - For those who missed it we are live at https://www.youtube.com/BotconfTV

#Botconf2024 is also proud to be supported by our Platinum sponsors #SANSEMEA, #Siemens and #CiscoTalos !
#Botconf2024 was made possible this year with the support of our official partners @CECyF Commandement du ministère de l’Intérieur dans le cyberespace (#COMCYBERMI) and #EURECOM whose staff (and their precious time!) are involved in the organising team

First afternoon session for #Botconf2024 after a healthy lunch !

"Opera1er: from tracking the threat actor to detaining a criminal behind" by Anton U. & Hugo RIFFLET is the first talk this afternoon.

More about this threat actor and their destiny on INTERPOL's website:

https://www.interpol.int/News-and-Events/News/2023/Suspected-key-figure-of-notorious-cybercrime-group-arrested-in-joint-operation

Suspected key figure of notorious cybercrime group arrested in joint operation

Operation Nervone has dealt a significant blow to the OPERA1ER group.

#Botconf2024 has started this morning and we are already deep into the first talks. The full schedule is available at https://www.botconf.eu/schedule/

We will announce the talks we broadcast on our social networks and they will be available from https://www.youtube.com/BotconfTV

This conference would not be possible without the speakers of course, but also thanks to our great sponsors ! This year #Proofpoint and #Qintel are supporting #Botconf2024 as Diamond sponsors. Thank you so much !

#Botconf2024 is heating up! Great workshops this afternoon and speakers' dinner tonight ! See you all tomorrow morning !
#ESETresearch has discovered a new campaign by China-aligned #APT #EvasivePanda, leveraging the Monlam Festival to target Tibetans. The campaign included a targeted watering hole, compromised news website, and an additional supply-chain attack to deliver malware for Windows and macOS, including a backdoor we have named #Nightdoor. https://www.welivesecurity.com/en/eset-research/evasive-panda-leverages-monlam-festival-target-tibetans/
Attackers compromised the Kagyu International Monlam Trust website to use as a watering hole. Malicious, obfuscated JavaScript was appended to a script executed when potential victims visit the site, testing whether the visitor’s IP address is in one of several IP ranges.
These ranges indicate a targeted attack looking to compromise networks in 🇮🇳, 🇹🇼, 🇦🇺, 🇺🇸 and 🇭🇰. The chart shows the distribution of targeted IP ranges. Interestingly, one of the targeted networks we identify is a high-profile university in the US.
In the supply-chain compromise, attackers planted trojanized installer packages of Tibetan language translation software developed by a company based in India. The installers for Windows and macOS deployed both a malicious dropper and the legitimate software application.
We found several downloaders whose C&C servers provide a JSON object pointing to the next stage – another downloader or an installer for backdoors including EvasivePanda’s traditional #MgBot and Nightdoor. The latter is a full-featured backdoor using Google Drive for its C&C.
ESET researchers Facundo Munoz (@0xfmz) and Anh Ho will be presenting their latest research on Evasive Panda activities and capabilities at the upcoming #Botconf2024. https://www.botconf.eu/provisional-schedule/
IoCs are available in ESET GitHub repository
Evasive Panda leverages Monlam Festival to target Tibetans

ESET research uncovers a cyberespionage campaign that has been victimizing Tibetans through targeted watering hole (also known as a strategic web compromise) and supply-chain compromise attacks

In addition to your #Botconf2024 Conference tickets (valid for the main conference from Wednesday 24th to Friday 26th April 2024), you can now purchase additional workshop tickets that will take place on 23rd April 2024.

All workshops are in parallel and the tickets include a lunch starting at 12PM.

https://www.billetweb.fr/botconf-2024
