ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

en

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

Get a Demo

Back

ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Get a Demo

LABScon

Quiver – Using Cutting Edge ML To Detect Interesting Command Lines For Hunters 2

LABScon

LABScon Replay | Quiver – Using Cutting Edge ML to Detect Interesting Command Lines for Hunters

LABScon / June 26, 2023

Gal Braun and Dean Langsam explore how LLMs can be trained to parse command lines and perform tasks like attribution and detection.

PDF

LABScon

LABScon Replay | Star-Gazing: Using a Full Galaxy of YARA Methods to Pursue an Apex Actor

LABScon / June 12, 2023

Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.

PDF

LABScon

LABScon Replay | Does This Look Infected 2 (APT41)

LABScon / May 18, 2023

Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.

PDF

Malshare 10 Years Of Running A Public Malware Repository 1

LABScon

LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository

LABScon / May 16, 2023

Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.

PDF

LABScon

The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis

Juan Andrés Guerrero-Saade / March 29, 2023

Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.

PDF

Blasting Event Driven Cornucopia WMI Based User Space Attacks Blind SIEMs And EDRs 3

LABScon

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs

LABScon / January 11, 2023

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.

PDF

LABScon

LABScon Replay | InkySquid: The Missing Arsenal

LABScon / January 4, 2023

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.

PDF

Breaking Firmware Trust From The Other Side Exploiting Early Boot Phases Pre EFI 1

LABScon

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

LABScon / December 29, 2022

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.

PDF

LABScon

LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure

LABScon / December 15, 2022

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?

PDF

LABScon

LABScon Replay | The Mystery of Metador

LABScon / December 1, 2022

An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.

PDF

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Labs Categories

Crimeware
Security Research
Adversary
Advanced Persistent Threat
LABScon
Security & Intelligence

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

Could not authenticate you.

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn