Live now on YouTube, the #VB2024 playlist featuring more than 40 presentations from VB2024 in Dublin. Thank you to all the speakers!
https://www.youtube.com/playlist?list=PLffioUnqXWked4p7tCZL6UvKiG6rmNbWw

Trend Micro's Hara Hiroaki has written a blog post based on his presentation at VB2024 (#vb2024) about a new LODEINFO campaign connected to Earth Kasha and a correlation analysis with the APT10 Umbrella. https://www.trendmicro.com/en_us/research/24/k/lodeinfo-campaign-of-earth-kasha.html
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals.

Security researchers Rintaro Koike & Shota Nakajima have released a paper to accompany the research they presented at #VB2024 about the IcePeony APT group, which targets mainly Asian countries such as India and Vietnam. https://nao-sec.org/2024/10/IcePeony-with-the-996-work-culture.html

IcePeony with the '996' work culture - @nao_sec

Now that the dust has settled, thank you once again to everyone who came to #vb2024 and made it a great success - speakers, delegates, partners, chairpersons, poster presenters, A/V team, VB crew, students from National College of Ireland, and photographer Tim Berghoff for helping us record the event!

We hope to see you all again next year for VB2025 in Berlin (24 - 26 September)!

See Sharem in action, emulating a Windows shellcode: https://www.youtube.com/watch?v=S1PI9O-q6eM

I don't think it supports Linux shellcodes, does it? Also, I wonder what disassembler it uses.

NB. AI for Sharem was presented @VirusBulletin

#vb2024 #shellcode #emulation #disassembly

SHAREM shellcode analysis framework demo - emulation, disassembler, timeless debugging

Virus Bulletin 2024 - Day I

What an amazing first day of the 34th edition of the Virus Bulletin Conference in Dublin! It was an intense day of very good presentations and meeting old and new friends. Last year, I wanted to write a summary of my conference days, but I made the mistake of leaving it 'for later,' and that never h

Virus Bulletin Final Highlights

Yesterday was the third and final day of the 34th Virus Bulletin Conference in Dublin, Ireland. It was a great three-day conference packed with very insightful talks.

Here is a summary of my day three at Virus Bulletin! I am very grateful for the opportunity to attend this conference and learn, exchange ideas, meet old friends, make new ones, and leave with my mind and heart full. Thank you o/

One more post to follow tomorrow because there are some talks that I still want to highlight :)
#VB2024
https://www.linkedin.com/pulse/virus-bulletin-2024-day-iii-veronica-valeros-o1nie/

Virus Bulletin 2024 - Day III

The third day and final day of the 34th edition of the Virus Bulletin Conference in Dublin has come to an end! There were many great talks today and a thought-provoking closing keynote to close the last day. Here are some of the best talks I've seen today, and be advised that, again, I am missing so

If you were a #vb2024 speaker, make sure you put the speaker gift in the tray at airport security! Security should go a whole lot faster.

🎉 I am really thrilled to have won the 10th Péter Szőr award at @VirusBulletin. Congrats to all the authors of the nominated papers. They are all excellent pieces and know that I highly respect your work. It is very flattering to have our work recognized by our peers. #vb2024

https://infosec.exchange/@VirusBulletin/113248734129035293

Publishing an exhaustive malware research paper is a _lot_ of work, and it wouldn't be possible for me without help. I'd like to thank our partners (NHTCU et al.) and the team @ESETresearch for technical and language reviews, as well as the designers that render the final result.

If you are curious about our research, and to understand how a botnet of Linux servers has been around for 15 years stealing credit cards and cryptocurrency, and mangling HTTP traffic, the paper is available here: https://www.welivesecurity.com/en/eset-research/ebury-alive-unseen-400k-linux-servers-compromised-cryptotheft-financial-gain/

Virus Bulletin (@VirusBulletin@infosec.exchange)

Many congratulations to ESET researcher Marc-Etienne M.Léveillé (@marcetienne), winner of the 2024 Péter Szőr Award for Technical Security Research for his research "Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain"! #vb2024 https://www.virusbulletin.com/conference/peter-szor-award/