Intellexa And Cytrox From Fixer Upper To Intel Agency Grade Spyware 1

LABSCon Replay | Intellexa and Cytrox: From Fixer-Upper to Intel Agency Grade Spyware

Vitor Ventura breaks down the processes one spyware organization takes to develop fully working spyware using a one-click zero-day exploit.

Read More
The Cyber Arm Of Chinas Soft Power Reshaping A Continent 2

LABScon Replay | The Cyber Arm of China’s Soft Power: Reshaping a Continent

Tom Hegel explores China's influence in Africa and highlights an opportunity for broader understanding of global cyber threat landscapes.

Read More
Quiver – Using Cutting Edge ML To Detect Interesting Command Lines For Hunters 2

LABScon Replay | Quiver – Using Cutting Edge ML to Detect Interesting Command Lines for Hunters

Gal Braun and Dean Langsam explore how LLMs can be trained to parse command lines and perform tasks like attribution and detection.

Read More
Star Gazing Using A Full Galaxy Of YARA Methods To Pursue An Apex Actor

LABScon Replay | Star-Gazing: Using a Full Galaxy of YARA Methods to Pursue an Apex Actor

Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.

Read More
LABScon Replay Does This Look Infected 2 APT41

LABScon Replay | Does This Look Infected 2 (APT41)

Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.

Read More
Malshare 10 Years Of Running A Public Malware Repository 1

LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository

Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.

Read More
Blasting Event Driven Cornucopia WMI Based User Space Attacks Blind SIEMs And EDRs 3

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.

Read More
InkySquid The Missing Arsenal 1

LABScon Replay | InkySquid: The Missing Arsenal

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.

Read More
Breaking Firmware Trust From The Other Side Exploiting Early Boot Phases Pre EFI 1

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.

Read More
Kristin Del Rosso Kristen 1

LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?

Read More