Labs Archive

LABScon25 Replay | Keynote: Steps to an Ecology of Cyber

LABScon / June 11, 2026

Decades of piling complexity onto non-standardized stacks have left security unsteerable. Juan Andrés Guerrero-Saade makes the case for a new approach.

LABScon

LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine

LABScon / June 2, 2026

ESET researchers show how Gamaredon facilitated Turla access to Ukrainian targets, revealing rare cooperation between FSB-linked espionage groups.

LABScon

LABScon25 Replay | Breach Alpha: Trading on Cyber Fallout

LABScon / May 14, 2026

Mick Baccio and Scott Roberts examine whether public breach signals and market timing models can turn cyber incidents into actionable trading opportunities.

Crimeware

PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale

Alex Delamotte / May 7, 2026

Cloud attack framework skips cryptomining, harvests financial, messaging, and enterprise credentials for fraud, spam, and potential extortion.

LABScon

LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience

LABScon / May 6, 2026

Joe FitzPatrick reveals how consumer imports of networked devices pose a real security risk to small businesses and critical infrastructure alike.

Advanced Persistent Threat

fast16 | Mystery Shadow Brokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet

Vitaly Kamluk & Juan Andrés Guerrero-Saade / April 23, 2026

A previously unknown 2005 cyber sabotage framework patches high-precision calculation software in memory to silently corrupt results.

LABScon

LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You?

LABScon / April 22, 2026

Marc Rogers and Silas Cutler expose how cheap smart home devices conceal a shadow supply chain of shell companies, firmware flaws, and foreign data routing.

AI Research

Building an Adversarial Consensus Engine | Multi-Agent LLMs for Automated Malware Analysis

Phil Stokes / March 19, 2026

Single-tool LLM analysis produces reports that look authoritative but aren't. A serial consensus pipeline catches artifacts and hallucinations at source.

LABScon

LABScon25 Replay | Your Apps May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

LABScon / March 17, 2026

Andrew MacPherson exposes how crypto thieves exploit DeFi architecture, from the $1.5 billion Bybit heist to drainers-as-a-service and fund laundering.

AI Research

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence

Aleksandar Milenkoski & Razvan Gabriel Cirstea / March 9, 2026

LLMs can turn CTI narratives into structured intelligence at scale, but speed-accuracy trade-offs demand careful design for operational defense workflows.

macOS.Gaslight | Rust Backdoor Turns Prompt Injection on the Analyst, Not the Sandbox

LABScon25 Replay | Keynote: Steps to an Ecology of Cyber

LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine

LABScon25 Replay | Breach Alpha: Trading on Cyber Fallout

PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale

LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience

fast16 | Mystery Shadow Brokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet

LABScon25 Replay | Are Your Chinese Cameras Spying For You Or On You?

Building an Adversarial Consensus Engine | Multi-Agent LLMs for Automated Malware Analysis

LABScon25 Replay | Your Apps May Be Gone, But the Hackers Made $9 Billion and They’re Still Here

From Narrative to Knowledge Graph | LLM-Driven Information Extraction in Cyber Threat Intelligence