Supporting Event: Joint ICT Christmas Party (14 Dec 2018)

Supporting Event: Joint ICT Christmas Party (14 Dec 2018)

Joint ICT Christmas Party Date:  14 Dec 2018 (Fri)Time:  5:45-7:00pm (registration starts at...

Modern Endpoint Security (5 Dec 2018)

Modern Endpoint Security (5 Dec 2018)

Modern Endpoint Security Date: 5-Dec 2018 (Wed)Time: 7:15pm - 9:00pmVenue: ADC 203, HKU SPACE...

Supporting Event: Building Your Open Source Intelligence Capabilities (7 Nov 2018)

Supporting Event: Building Your Open Source Intelligence Capabilities (7 Nov 2018)

Building Your Open Source Intelligence Capabilities Date:  7 Nov 2018 (Wed)Time:  09:30 -...

  • Supporting Event: Joint ICT Christmas Party (14 Dec 2018)

    Supporting Event: Joint ICT Christmas Party (14 Dec 2018)

  • Modern Endpoint Security (5 Dec 2018)

    Modern Endpoint Security (5 Dec 2018)

  • Supporting Event: Building Your Open Source Intelligence Capabilities (7 Nov 2018)

    Supporting Event: Building Your Open Source Intelligence Capabilities (7 Nov 2018)

Technical Sharing Session: Malware Command and Control using Social Media Platform

Date: 4-Aug-2017 (Fri)
Time: 7:30pm - 9:00pm
Venue: Room 311, HKU SPACE Admiralty Learning Centre
Language: English
Fee: FREE
Registration: https://goo.gl/NKfLdb

Agenda:
19:00 - 19:30 Registration and networking
19:30 - 20:30 Malware Command and Control using Social Media Platform
20:30 - 21:00 Q & A

Abstract:
Social media platforms have been trending as a viable communication channel for malware and botnet c2 servers. There are several reasons attackers may use social media for C2, such as hiding malicious traffic in HTTPS to whitelisted websites, rich API and difficult to block, and easy to setup with low or no operational costs, and no obvious or fixed indicators for C2 IP address.

Our talk will aim to show the attacker’s perspective on building, operating and maintaining malware and botnets that is controlled via a social media as a c2 communications channel.

In conclusion, we will look at general recommendations on mitigating and preventing the impact from attackers using social media c2 channels.

Speaker's Bio:
Harris RAMLI, Security Researcher, MHD Security, CISSP, CISA, OSCP, OSWP, OSCE, CRT
Harris has extensive hands-on experience working in penetration testing, information security advisory, and general IT control reviews. He has led several high profile technical security reviews and penetration testing engagements for mainly financial services clients in the APAC region.

 

NOTE: Two CPE can be claimed for the (ISC2) Credential Holder.
For any questions, please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.

 

------------------------------

Slides download: https://goo.gl/Ehvz1h