DeepSec Talk: Got RATs? Enter Barn Cat (OSint)
We are happy to have John Bambenek (Fidelis Cybersecurity & SANS Internet Storm Center) on stage to present his new Open Source Intelligence Project Barn Cat.
I like the name of the project: Barn cats are the best mousers, and this new project is aimed at catching (not only) RATs. In reality, we have a hard time keeping track and ensuring up-to-date signatures, with half a million unique samples pouring into the analysis machinery of the AV industry and signature producers every day.
Barn Cat takes a new approach: Instead of learning from scratch every time what a new mouse looks like, Barn Cat monitors the criminal infrastructure to detect undesired activity in your network. It's like a true barn cat crouching in front of the mouse-hole: Everything coming out of there is lunch, no matter whether it's grey, brown or speckled. If we only knew which mouse-holes to watch…
OSint Barn Cat will look for the command-and-control (CC) and drop-zone configuration within malware samples to build a close-to-realtime open source database of the mouse-holes to watch. Want to know more? Visit us in Vienna!
Bon appétit, and we hope to see you next month at DeepSec,