What is this executable? Why is this binary showing up in logs? This talk will cover legitimate binaries and third-party tools threat actors leverage to target organizations today. Associated techniques will be mapped to real-world examples and threat hunting techniques will be discussed. Attendees will be equipped with tools that may save them from becoming the next victim.


RSAC 2023 brought together thousands of cybersecurity professionals for four incredible days of expert perspectives, groundbreaking innovation, and best practices. 

Catch Me If You Can. LOLBins and the Adversaries Who Abuse Them

Conference: RSA Conference 2023

Authors: Alfred Alvarado, Timothy Hux

Abstract

Post a comment

Related work

It's not FINished: The Evolving Maturity in Ransomware Operations

Attack Surface as a Service

My Cloud is APT's Cloud: Investigating and Defending Office 365

Real-Time Detection of Attacks Leveraging Domain Administrator Privilege

Sponsored Session: Salesforce

Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths