This presentation focuses on an incident response that we conducted for a customer. It is a case study that looks at the technical parts of the malware, the intrusion of the network and exfiltration of data, launching the ransomware and events that followed.

Rook is based on the leaked Babuk ransomware code that was posted to a Russian underground forum in September 2021.

This is a step-by-step case study into a real-life incident response event and the days that followed after the attack.

With the brutal escalation of the war against Ukraine, we take a closer look at the ‘cyber’ part of it. What has been happening in Ukraine? Could the cyberwar spill over to other European countries? Should users be worried? Join us to learn about the most important cyberattacks related to the armed conflict – in the past weeks, as well as in the past eight years.

Emerging technologies, such as AI are in the epicentre of the digital evolution. While they bring numerous benefits they also bring many risks that need to be addressed to ensure a secure and trustworthy environment. In its role as the Union’s agency dedicated to achieving a high comment level of cybersecurity across Europe, ENISA has been actively working for the last few years on mapping the AI cybersecurity ecosystem and provding security recommendations for the forseen challenges.

NCSC Malware Team

While the idea of artificial intelligence and machine learning have been influencing various fields for decades now, their full transformative potential is yet to be realized. ML-based technologies increasingly help fight large-scale fraud, evaluate and optimize business processes, improve testing procedures and develop new solutions to existing problems. We, at ESET, recognized its potential early on and employed it to improve malware detection over 20 years ago. To this day, this symbiosis continues, various machine-learning technologies being an integral part of the ESETs protective layers. Like most innovations, however, even machine learning has drawbacks and limitations. Unfortunately, technological advances are not exclusively available to cybersecurity defenders. Cybercriminals are aware of the new prospects too and do not hesitate to utilize ML-based technologies to make their malicious code and activities more efficient. The question for the future remains, will the pros of machine learning outweigh the cons or will the technology lead to major disruption and deterioration of the cybersecurity equilibrium.

Hundreds of billions of password guesses aiming to break the protection of RDP remote access, the resurrection of Emotet, a threat described by Europol as the “most dangerous malware in the world” and over 400 % increase in Android banking malware year-over-year: those are just a few of the trends seen by ESET in the last months of 2021. And that is on top of the cyberespionage activity of groups such as The Dukes, OilRig, and others. Join our talk and find out what were the latest threats and trends detected by ESET.