LABScon, Author at SentinelOne

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.


LABScon Replay | InkySquid: The Missing Arsenal

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.


LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.


LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?


LABScon Replay | The Mystery of Metador

An elusive APT is attacking telcos, ISPs and universities with custom backdoors and attack chains designed to bypass native security solutions.


LABScon Replay | Demystifying Threats to Satellite Communications in Critical Infrastructure

Satellite communications are an integral part of many Industrial Control Systems, but their usage in critical infrastructure continues to be misunderstood.


LABScon Replay | Are Digital Technologies Eroding the Principle of Distinction in War?

In recent conflicts, digital technology has become weaponized, eroding the traditional barriers that divide the roles of civilians and combatants.
