2 Meters Down and Back: Hunting for most persistent implants

Home / Lectures / Invited Lecture Series / 2 Meters Down and Back: Hunting for most persistent implants

Dmitry Bestuzhev

Kaspersky Latin America

---

Lecture Information:

• January 31, 2020
• 2:00 PM
• CASE 241

Speaker Bio

Dmitry Bestuzhev serves as Head of Kaspersky’s Global Research and Analysis Team for Latin America, where he oversees the anti-malware development and investigations of the company’s experts in the region. He specializes in the analysis of large-scale malware incidents, cyberespionage and targeted attacks, as well as the investigation of cybercrime (of human and electronic components) that employs advanced social engineering techniques aimed at online banking attacks and data leaks.
Dmitry joined Kaspersky in 2007 as a Malware Analyst and was responsible for monitoring the local threat landscape and providing preliminary analysis before going on to become Senior Regional Researcher for the Latin American region in 2008. In 2010, he was appointed to his current role.
In addition to supervising all anti-malware efforts, he prepares reports and forecasts for the region and is frequently sought out by international media and organizations for his expert commentary on IT security. He also participates in various educational initiatives throughout Latin America.
Dmitry has more than 20 years of experience in IT security across a wide variety of roles and is fluent in English, Spanish and Russian.

Description

This presentation is about hunting UEFI implants and another undocumented “”features”” running on the Ring -2, gaining an eternal persistence in all machines over the globe.
What do Sofacy and Hacking Team threat actors have in common? Both successfully developed and used ITW low level Ring -2 implants targeting victims over the globe. Are they the only one players using such techniques gaining an eternal persistence on the machines? How to deal with the situation when your machine is an UEFI malicious implanted one? Will some secure OS help? Unfortunately the answer is no. In my presentation I will practically show how to hunt for malicious implants in UEFI, what have we found so far and what are the weirdest things we see right now.

Categories

Academics Accomplishments Alumni Annoucement Campus Life Career development Clubs & organizations Community Course Highlight Education Explore Faculty Award Faculty Highlight Grants & Scholarships In The News News Research Student Highlight Workshops & webinars

Recent Posts

• KFSCIS Recognizes Top Talent
• TECH SUMMIT 2023 Addresses the Transformative Influence of AI
• Research Symposium Highlights Innovations in Cybersecurity and AI
• Iyengar receives the esteemed Karnataka Rajyotsava Award for 2023
• MEDAL Enhances Learning Outcomes in AI for DoE

Helpful Links

• Academics
  • Degree Programs
    • Bachelor’s Degrees
    • Graduate Programs
    • Accelerated Degrees
    • Master’s Degrees
    • Doctoral Degrees
• Advising
  • Advising Staff
  • Computer Science FAQ
  • Cybersecurity FAQ
  • Information Technology FAQ
  • Transfer Orientation Advising Sheet
  • Course Catalog
  • Academic Calendar
  • Tour
  • Other

// Live helper chat widget begin // Live helper chat widget end