DeepSec Talk: Got RATs? Enter Barn Cat (OSint)

We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat.

OSINT Barn Cat: Mining Malware for Intelligence at Scale

I like the name of the project: barn cats are the best mousers, and this new project is aimed at catching (not only) RATs. In reality, we have a hard time keeping track and keeping signatures up to date, with half a million unique samples pouring into the analysis machinery of the AV industry and signature producers every day.

Barn Cat takes a new approach: instead of learning from scratch every time what a new mouse looks like, Barn Cat monitors the criminal infrastructure to detect undesired activity in your network. It’s like a true barn cat crouching in front of the mouse-hole: everything coming out of there is lunch, no matter whether it’s grey, brown or speckled. If we only knew which mouse-holes to watch…

OSINT Barn Cat will look for the CC (command-and-control) and drop-zone configuration within malware samples to build a close-to-real-time open source database of the mouse-holes to watch. Want to know more? Visit us in Vienna!

Bon appétit, and hope to see you next month at DeepSec,

MiKa
