Early Warning System for Targeted Attacks using Malware Intelligence

Thursday, June 16, 2016

11:00 AM - 12:00 PM PDT

60 minutes, including Q&A

An Early Warning System for Targeted Attacks using Malware Intelligence by Cythereal
The D.E.A.D. Pool: A collection of disposable email address domain registrations by Alex Valdivia

A determined adversary will keep trying to penetrate your defenses and will eventually succeed. But why wait for a successful compromise when new advances in automated malware analysis make it possible for your incident responders to be alerted and react quickly?

Instead of relying solely on Indicators of Compromise (IoCs), your organization could be on the lookout for coordinated attacks that might currently be probing your defenses, i.e. Indicators of Coordinated Attack (IoAs). This webinar will describe recent advances in automated malware analysis technologies that now make it feasible to extract malware intelligence at a scale and accuracy never before seen, on your own premises, and use the knowledge to either respond to or even avoid an incident.

Talking points:

  • Indicators of Compromise (IoCs) versus Indicators of Coordinated Attacks (IoAs)
  • Large-scale, automated malware analysis to extract intelligence is feasible
  • Malware intelligence can help detect ongoing attempts at targeted attacks

Brought to you by:



Dr. Arun Lakhotia


Dr. Arun Lakhotia is Founder and CEO of Cythereal, LLC. As a Professor of Computer Science at the University of Louisiana at Lafayette, he has spent over a decade studying the protection mechanisms used by malware and has developed methods to peer through these protections and to connect the dots across what initially appears to be distinct instances of malware. This research, funded in part by US DoD, has led to the development of VirusBattle, an automated malware analysis web service that draws connections between malware using the semantics of their underlying code. His research has been supported by DARPA, AFOSR, AFRL, and ARO.

Sponsor Presenter:

Alex Valdivia


Alex is a member of the ThreatConnect Research Team, where he analyzes malware, malicious infrastructure, and threat actors, and captures best practices in order to share intelligence and process with various ThreatConnect Communities. He has spoken at B-Sides Las Vegas and DEF CON Skytalks, and has been a guest lecturer for threat intelligence courses at Johns Hopkins University, Metropolitan State University, and the University of South Florida. Before ThreatConnect, Alex studied Electrical Engineering at George Mason University and worked the graveyard shift in a SOC, where he developed a fondness for thwarting inept online criminals.
