Скачать с ютуб AV Evasion - How Adversaries Aim to Bypass Antivirus Tools - Marvin Ngoma | BSides Joburg 2024 в хорошем качестве

AV Evasion - How Adversaries Aim to Bypass Antivirus Tools - Marvin Ngoma | BSides Joburg 2024

Malicious actors continually refine their techniques to evade detection by antivirus (AV) software. In this session, we will delve into the sophisticated methods cybercriminals use to circumvent traditional AV defenses, showcasing the ongoing battle between attackers and defenders. This talk aims to provide a detailed understanding of contemporary AV evasion tactics and practical strategies for strengthening security postures against these advanced threats. The ever-evolving nature of cyber threats requires continuous adaptation and innovation in defense strategies. By understanding and anticipating the tactics used by malicious actors to evade antivirus tools, security personnel can better protect their organizations against these sophisticated threats. Join this talk for an in-depth look at antivirus evasion techniques and discover how to fortify your defenses in an increasingly hostile cat-n-mouse cyber environment. Key highlights: Understanding Antivirus Mechanisms: The talk will start by exploring how antivirus software operates, including signature-based detection, heuristic analysis, and behavioral monitoring. Understanding these mechanisms is crucial to comprehending how they can be circumvented. Common Evasion Techniques: Obfuscation Packers and Crypters Fileless Malware Living off the Land (LotL) Advanced Techniques and Real-World Examples: Reflective DLL Injection Command and Control (C2) Evasion Case Studies + demo: The talk will analyze recent high-profile attacks where AV evasion played a critical role. These case studies will illustrate the practical application of the techniques discussed and highlight lessons learned from these incidents. The demo will then show how legitimate software can be abused to evade AV. Defensive Strategies and Best Practices: Finally, there will be actionable recommendations for enhancing detection and response capabilities. This includes adopting advanced threat detection tools, employing behavioral analytics, and integrating threat intelligence to stay ahead of evolving evasion techniques. Follow BSides Joburg: Web: https://www.bsidesjoburg.co.za Twitter / X: https://www.x.com/BSidesJoburg LinkedIn:   / bsides-joburg   Masterdon: https://infosec.exchange/@bsidesjoburg