Defcon 20214/14/2023 ![]() ![]() With that in mind, a team of practitioners from PCMag parent company Ziff Davis headed to Defcon this year, our first widely attended event since COVID restrictions eased. There’s a dearth of information on how these products fare in the real world, and these events help fill in the gaps. Many in the field find this is the only way to get unbiased reviews from other practitioners of common security tools. Practitioners widely praise both events for the high-quality networking. Defcon has more focus on contests and hacking demonstrations accessible to anyone Black Hat leans toward the research produced by the marquee cyber industry names. There’s overlap, of course, but Defcon is widely viewed as the friendlier, less business-focused, and more colorful of the two. What Are Defcon and Black Hat?įor the uninitiated, there are two simultaneous Las Vegas shows that cater, respectively, to hackers (Defcon) and those in the business of security (Black Hat, which PCMag covered extensively this year). How to Set Up Two-Factor Authenticationįor the first time in two years, hackers and security professionals reconvened at two of their most significant yearly gatherings, Defcon and Black Hat.How to Record the Screen on Your Windows PC or Mac.How to Convert YouTube Videos to MP3 Files.How to Save Money on Your Cell Phone Bill.How to Free Up Space on Your iPhone or iPad.How to Block Robotexts and Spam Messages.If you’d like to see how Deep Instinct can protect you from XL4-based threats, please request a demo. ![]() As the boundaries of your organization become less defined, with data stored and sent through cloud networks and across your hybrid environment and endpoints now spread around the globe with people working at home, in offices and everywhere in between, security solutions will have to continue to improve to protect across an ever-larger footprint. The threat landscape has grown exponentially over the past several years – and will continue to grow and change in the years to come. Even if this malware family evolves and modifies its techniques, Deep instinct will adapt and stop these threats, providing continuous prevention capabilities that no other security solution on the market today can match. Our team also showcased how the Deep Instinct Prevention Platform can identify and prevent these new malicious XL4 strains using our Anomaly Detection algorithms. ![]() While some of these techniques are known, the majority of them are newly discovered based on research by Deep Instinct’s threat teams. These campaigns have started becoming ever more sophisticated and prevalent.ĭeep Instinct threat researchers reported that these XL4-based threats utilize functions such as auto-open, auto-close, default password protection, and even shared findings of advanced obfuscation techniques, such as decoding the macro code in run-time. We’ve seen a significant rise in malware utilizing XL4 capabilities in just the past year and a half. However, XL4 is still supported for backward compatibility reasons, leaving a security vulnerability in place for years. Its replacement is the more advanced scripting language, VBA. The research, which was presented by Tal Leibovich, head of threat research at Deep Instinct, was covered by TechRepublic as well – a terrific article and testament to the expertise of our entire research team.Įxcel 4.0 Macro (XL4) is a legacy scripting language supported in Microsoft Office since 1992. It’s about creating a safer, more resilient community together.ĭeep Instinct has taken this approach to heart since our founding in 2015 and we were proud to share research on a new, evolving threat vector involving legacy Excel 4.0 macros and their use in threat evasion at Def Con. Cybersecurity is not just about securing “your” network, protecting “your” environment, and testing and securing “your” applications. The collaboration and shared knowledge that comes from our live events always re-energizes us as we see what is possible in the ongoing fight against hackers and bad actors. The energy and content sharing was incredible despite a smaller turnout and we were all reminded of the extreme passion and esprit de corps that is unique to the cyber world. For someone who has been an active member of the cyber community for more than 20 years, the opportunity to re-engage with peers face-to-face and connect as a community was sorely missed and long overdue. Two of the year’s most significant cybersecurity conferences were held this past week in Las Vegas, making them the first in-person cybersecurity events in nearly two years.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |