Senior Security Research Engineer at Ixia, a Keysight business
Adrian Hada is a Senior Security Researcher within Ixia’s Application and Threat Intelligence Research Center. Adrian holds a MSc in Information Security from Military Technical Academy in Bucharest. Adrian specializes in gathering Threat Intelligence on the latest Malware, Botnets, and exploitation practices being seen in network attacks. Adrian continuously improves the ATI Research Centers ability to detonate and analyze malware, providing Ixia’s customers with actionable intelligence and protection from the newest evolved threats.
Applying Fuzzy Hashing to Phishing Page Identification (Lightning Talk)
Phishing attempts are generally met with only a limited measure of success – phishing attempts might get blocked or users might not be tricked by the attempt. Threat actors generally reuse the same phishing page template, customized for multiple targets, which they try to deploy at scale to increase their chances of success. Given the high amount of similarity between phishing pages, we can use near-similarity measures to identify phishing pages. This is a quick overview of how such an approach would work and its success rate in identifying phishing pages.
From Mirai to Monero – One Year’s Worth of Honeypot Data
With the end of 2016 seeing the explosion of the Mirai malware with source-code included, 2017 saw more and more DDoS botnets based on the original or modified Mirai code. At the same time, another fad appeared: cryptomining on infected machines, with Monero mining becoming an important means for malware authors to make money with less overall risk involved. This presentation will focus on what we’ve seen in our honeypots in the past year – the threats involved, abused exploits and applications as well as other interesting data for the people involved in threat intelligence, operations and security roles.