LABScon, Author at SentinelOne

Spectre Strikes Again Introducing The Firmware Edition 1

LABScon Replay | Spectre Strikes Again: Introducing the Firmware Edition

LABScon / December 28, 2023

Binarly's CEO Alex Matrosov dives deep into the fascinating world of speculative attacks against System Management Mode (SMM) on AMD-based devices.

Intellexa And Cytrox From Fixer Upper To Intel Agency Grade Spyware 1

LABScon

LABSCon Replay | Intellexa and Cytrox: From Fixer-Upper to Intel Agency Grade Spyware

LABScon / December 26, 2023

Vitor Ventura breaks down the processes one spyware organization takes to develop fully working spyware using a one-click zero-day exploit.

The Cyber Arm Of Chinas Soft Power Reshaping A Continent 2

LABScon

LABScon Replay | The Cyber Arm of China’s Soft Power: Reshaping a Continent

LABScon / December 6, 2023

Tom Hegel explores China's influence in Africa and highlights an opportunity for broader understanding of global cyber threat landscapes.

Quiver – Using Cutting Edge ML To Detect Interesting Command Lines For Hunters 2

LABScon

LABScon Replay | Quiver – Using Cutting Edge ML to Detect Interesting Command Lines for Hunters

LABScon / June 26, 2023

Gal Braun and Dean Langsam explore how LLMs can be trained to parse command lines and perform tasks like attribution and detection.

LABScon

LABScon Replay | Star-Gazing: Using a Full Galaxy of YARA Methods to Pursue an Apex Actor

LABScon / June 12, 2023

Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.

LABScon

LABScon Replay | Does This Look Infected 2 (APT41)

LABScon / May 18, 2023

Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.

Malshare 10 Years Of Running A Public Malware Repository 1

LABScon

LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository

LABScon / May 16, 2023

Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.

Blasting Event Driven Cornucopia WMI Based User Space Attacks Blind SIEMs And EDRs 3

LABScon

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs

LABScon / January 11, 2023

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.

LABScon

LABScon Replay | InkySquid: The Missing Arsenal

LABScon / January 4, 2023

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.

Breaking Firmware Trust From The Other Side Exploiting Early Boot Phases Pre EFI 1

LABScon

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

LABScon / December 29, 2022

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.