Using Virus Total Intelligence to track the latest Phishing Document campaigns - Wyatt Roersma GrrCON 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Using Virus Total Intelligence to track the latest Phishing Document campaigns
Wyatt Roersma
GrrCON 2016

One of the biggest problems many in this industry have is taking advantage of good intelligence sources such as Virus Total and using them to stay one step ahead of the attacker. If you get some intel, how far can you really pivot with that information? If you can write YARA rules, not only can you track these waves of phishing campaigns, you can actually stop them. I will show you some research I have been working on and how I can take one phishing document and find thousands more just like it to identify all of the C2 servers, not just one or two. Get ready to track the threat groups yourself!

Copyright 2016, IronGeek