Tracking and Detecting Raspberry Robin Malware - A Comprehensive Analysis

Red Canary via YouTube

Overview

Explore a comprehensive cybersecurity presentation detailing the discovery, evolution, and detection methods of Raspberry Robin malware - a significant external drive-based threat that uses Windows Installer for malicious file downloads. Learn from Red Canary's original discovery team about this prevalent threat's behavior patterns in the wild, its evolving tactics, and effective detection strategies for organizational security. Delve into the chronological development from its 2021 discovery through its rise to become the seventh most detected threat in 2022, including crucial Microsoft findings about follow-on activities and DLL analysis. Through detailed segments covering clustering methodology, field observations, community responses, and practical detection opportunities, gain essential insights into protecting systems against this sophisticated malware threat. Master the technical aspects of threat detection while following an engaging presentation style that breaks down complex cybersecurity concepts into actionable intelligence.

Syllabus

Introduction
Today's Bat-Agenda
Flashback: Intel team chat, early 20
Red Canary's clustering methodology
Making connections
Field guide to Raspberry Robin
Raspberry Robin activity
Good Intel Is Essential, Robin
Community response was amazing
Holy crowdsourcing, Batman!
July 2022: Microsoft reports follow-on activity
September 2022: Untangling the DLL
October 2022: Second Microsoft report
Detection opportunity
Holy takeaways, Batman!

Taught by

Red Canary
