Virus Bulletin conference is a well regarded intimate technical conference focused on malware research. It provides a good balance between listening to technical talks and spending time exchanging experiences with colleagues from different companies; all working on the same task of making our computing environments more secure.
This past October, Talos participated at the Virus Bulletin conference in Madrid with a talk presented by Warren Mercer and me, Paul Rascagneres. This talk covered the latest techniques used in the reconnaissance phase of attacks by APT actors. During the presentation, we demonstrated how the reconnaissance phase is executed as a part of the infection process in order to protect valuable zero-day exploits, malware frameworks, and other tools.
Virus Bulletin requires selected speakers to submit a research paper which can later be used to help the security research community with their own research. Our submission to the conference was a paper titled "Modern reconnaissance phase by APT – protection layer". This paper is based on research conducted by Talos throughout the year and it is now publicly available on the Virus Bulletin web site.
If you missed it at the conference, our presentation is available on the Virus Bulletin Youtube channel. The recorded presentation provides a good overview of the paper and it will hopefully make you enjoy reading the full paper as well.