ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

LABScon

Quiver – Using Cutting Edge ML To Detect Interesting Command Lines For Hunters 2
LABScon

LABScon Replay | Quiver – Using Cutting Edge ML to Detect Interesting Command Lines for Hunters
LABScon /

Gal Braun and Dean Langsam explore how LLMs can be trained to parse command lines and perform tasks like attribution and detection.

Read More
Star Gazing Using A Full Galaxy Of YARA Methods To Pursue An Apex Actor
LABScon

LABScon Replay | Star-Gazing: Using a Full Galaxy of YARA Methods to Pursue an Apex Actor
LABScon /

Greg Lesnewich explores how to to pursue an apex predator using little more than a local instance of YARA and some publicly available open-source tooling.

Read More
LABScon Replay Does This Look Infected 2 APT41
LABScon

LABScon Replay | Does This Look Infected 2 (APT41)
LABScon /

Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.

Read More
Malshare 10 Years Of Running A Public Malware Repository 1
LABScon

LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository
LABScon /

Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.

Read More
The Life And Times Of Sysinternals 3
LABScon

The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis
Juan Andrés Guerrero-Saade /

Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.

Read More
Blasting Event Driven Cornucopia WMI Based User Space Attacks Blind SIEMs And EDRs 3
LABScon

LABScon Replay | Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs
LABScon /

WMI-based attacks impact all versions of Windows and can severely impact EDRs. Claudiu Teodorescu explores how they work and how they can be detected.

Read More
InkySquid The Missing Arsenal 1
LABScon

LABScon Replay | InkySquid: The Missing Arsenal
LABScon /

Paul Rascagneres explores a macOS port of the Windows RokRAT malware and how it bypasses Apple security protections.

Read More
Breaking Firmware Trust From The Other Side Exploiting Early Boot Phases Pre EFI 1
LABScon

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)
LABScon /

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.

Read More
Kristin Del Rosso Kristen 1
LABScon

LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure
LABScon /

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?

Read More
The Mystery Of Metador 5
LABScon

LABScon Replay | The Mystery of Metador
LABScon /

An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.

Read More
1 2 3