Hacker Talk

Threat intelligence with Dan Demeter

95 min • 3 March 2022

Dan Demeter is a well-known security researcher in the Romanian information-security space.

In 2014, Dan joined Kaspersky as a malware security researcher. Since then he has worked with various advanced anti-malware solutions and is currently working with Threat Intelligence in Kaspersky's Global Research and Analysis Team.

In this episode of Hacker Talk, we take a deep dive into malware, threat intelligence, advanced persistent threats, security and defensive security with Dan.



Topics covered in this episode:

Getting into infosec

Romania in the early personal internet space, connecting RJ45 network cables to potatoes

milw0rm, Bugtraq mailing list, BackTrack, Hellbound Hackers

Capture the flag (CTF) competitions

Internet café

Threat intelligence

Security research

Kaspersky

Advanced persistent threats, what is an advanced persistent threat?

Finding advanced malware in the wild.

Threat levels for individuals

Threat modeling

Enterprise and consumer malware

Antivirus programs

targeted malware

malware for crypto-currency projects

finding advanced malware as a threat intelligence researcher

bypassing advanced malware checks

Reverse engineering malware

OllyDbg, NSA decompiler

Malware obfuscation techniques

YARA rules

wrapping malware with VMProtect

Post exploitation

malware stages

Lazarus Malware, Bangladesh Cyber Bank Heist

Malware on SIM cards

Using satellite IP addresses

reporting malicious command and control servers 

malware campaigns spreading in Romania  

phishing and identity theft

Bring your own device policy

Stay safe working from home  


Best ways to protect yourself online  

Writing malware signatures and writing YARA rules

malware similarity engines





Links:

https://hackthissite.org/

https://hbh.sh/home   

https://en.wikipedia.org/wiki/Bugtraq   

https://en.wikipedia.org/wiki/BackTrack   

https://cnc-central.fandom.com/wiki/Command_%26_Conquer:_Red_Alert_-_Remastered   

https://securelist.com/

https://securityespresso.org/   

https://www.kaspersky.com/   

https://twitter.com/kaspersky  

https://twitter.com/_xdanx

https://en.wikipedia.org/wiki/OllyDbg  

https://hex-rays.com/IDA-pro/   

https://ghidra-sre.org/  

https://vmpsoft.com/   

https://github.com/ParrotSec/mimikatz   

https://en.wikipedia.org/wiki/Lazarus_Group  

https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery   

https://www.kaspersky.com/cyber-crime-lazarus-swift   

https://www.kaspersky.com/about/press-releases/2021_security-analyst-summit-back-online-on-september-28-29   

https://securelist.com/equation-group-from-houston-with-love/68877/  

https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/  

https://www.nbcnews.com/tech/security/facebook-sues-israel-s-nso-group-over-alleged-whatsapp-hack-n1073511  

https://en.wikipedia.org/wiki/Regular_expression

https://github.com/VirusTotal/yara

https://github.com/neo23x0  

https://www.tripwire.com/state-of-security/featured/operation-shadowhammer-hackers-planted-malware-code-video-games/   

https://en.wikipedia.org/wiki/Red_October_%28malware%29

