During this session, we walk through applied use of indicators of compromise for several recent malware campaigns. The presentation starts with weak/tactical indicators, which are low cost for attackers to change and build, to strong/strategic indicators, which significantly increase costs to attackers.
This session explores:
- Recent malware campaign activities and their observable indicators;
- Examples of tools and techniques to produce and hunt for indicators within your environment;
- Techniques for making malware less successful when it bypasses your existing defenses.