Overview
Dive into a comprehensive 31-minute conference talk from Black Hat exploring the critical landscape of IoT and ICS security threats. Discover the importance of automated threat hunting in a world where hundreds of millions of devices are vulnerable to malicious attacks. Learn about advanced hunting techniques, including malware crawlers, session crawlers, and threat intelligence systems. Explore the process of generating IoCs for blocklists, analyzing global botnets, and identifying unknown malware. Gain insights into 1-day and unknown vulnerability hunting, as well as attack trend analysis for early warning systems. Presented by Mars Cheng and Patrick Kuo, this talk provides a deep understanding of the evolving threat terrain in the Internet of Things and Industrial Control Systems.
Syllabus
Intro
black hat
Why Perform Automated Threat Hunting?
350+ Hunting Engines in the World
The Hunting Agent
Malware Crawler and Session Crawler
Generate IoC to Block List
Malware Analyzer
Threat Intelligence based on Athena
Global Botnet Analysis and Alert
Unknown Malware Playground
1-Day/Unknown Vulnerability Hunting
Attack Trend Analysis as an Early Warning System
The Threat of Next Generation
Taught by
Black Hat