We're looking forward to being in Vegas this week! We have a ton going on, but we're especially excited (and honored) to be speaking at both Black Hat and BSidesLV this year.
At Black Hat, Cado's CTO and Co-founder, Chris Doman, will be presenting the latest and greatest features of varc, our free open source volatile artifact collection tool. The session will be on Wednesday, August 9 at, 10:00-11:30 am PT in the Business Hall, Arsenal Station 2.
At BSides Las Vegas, Matt Muir, Cado Security threat researcher, will present on the latest cloud-based attack patterns and TTPs. The session will take place on Wednesday, August 9, at 5:00-5:45 pm PT.
We can't wait to see you all there!
For more information on the sessions as well as Cado's other activities at Black Hat, see the full press release:
Cado Security Labs Debuting Updated Volatile Artifact Collector at Black Hat Arsenal and Presenting Cloud Security Evolution, Growing Use of Cloud Services in Malware Attacks at BSides
London, England, August 7, 2023 – Cado Security, provider of the first cloud forensics and incident response platform, today announced its experts will present new and advanced capabilities to its open-source volatile artifact collection tool and research on the evolution of cloud security at the upcoming Black Hat and BSides Las Vegas conferences.
Chris Doman, CTO and Co-founder, and Matt Muir, Threat Intelligence Researcher, are presenting at two of cybersecurity's most prestigious events this August in Las Vegas. Among the premier cybersecurity events in the world, Black Hat and BSides Las Vegas convene the most innovative and creative researchers and hackers to present new exploits, discuss trends and findings, and collaborate on pressing cybersecurity policy issues.
Cado Security will present Introducing varc: Volatile Artifact Collector at Black Hat on Wednesday, August 9 at, 10:00-11:30 am PT in the Business Hall, Arsenal Station 2, to showcase Cado Security's open-source volatile artifact collection tool. At the Arsenal session, Chris Doman will introduce attendees to varc and its latest features that enable proactive scanning for malicious activity powered by YARA rules, empowering analysts to take a precise approach to threat hunting of systems using varc. For example, varc users can now scan volatile data of a system for a known bad IP, see if there is a hit, and then decide to perform further analysis using the Cado Community Edition.
Driven by a philosophy of simplicity and reliability, varc was developed to aid in investigating security incidents by automating volatile data collection. With varc, security analysts can conduct faster, more efficient incident investigations. Doman will discuss the motivation for developing varc and cover the technical challenges inherent to volatile artifact collection in serverless environments and across operating systems.
This session will provide a live demonstration of varc and highlight artifacts of interest, presenting the tool's extraction on a system where malicious activity has occurred to aid incident response.
Cado Security Labs Threat Intelligence Researcher Matt Muir will present The Ever-shifting Habits of Cloud-focused Malware Campaigns on the Breaking Ground track on Wednesday, August 9, at 5:00-5:45 pm PT at BSides Las Vegas.
The talk will analyze recent cloud-focused malware campaigns, including those which have diversified from the common objective of cryptojacking. Matt will discuss TTPs, including persistence mechanisms and defense evasion techniques specific to cloud environments. He will also provide an overview of recent trends in proprietary telemetry of cloud attacks, including increased cloud services' use to support malware attacks.
Resources:
- To access Cado varc, please visit Cado's GitHub repository.
- To see a product demonstration of the Cado platform, visit the Cado team at Black Hat in the Start-Up City, Booth # SC120
- For more information about Cado's presence at Black Hat, visit here
- For more information about Cado’s Arsenal session, visit the Arsenal Schedule.
- To learn more about Cado Security at BSides, check out Talks.
Cloud Investigations
