Over the Cassowary’s Nest - Dissecting Turla’s Latest Revision of the Kazuar Backdoor
09-12, 13:30–14:00 (Europe/Stockholm), Main hall

What happens when a rarely seen piece of malware, attributed to one of the world’s most elite APT groups, reemerges in the midst of the “cyber battlefield” of the Ukraine-Russia conflict? We will explore the evolution of the advanced Kazuar backdoor by the elite Turla APT group. We will dive into Kazuar’s technical analysis and SecOps, with a detailed look at its previously undocumented functionality, encryption implementations, packing and code obfuscation. We will provide the audience with practical ways to hunt for the elusive Kazuar backdoor.

Daniel Frank is the Threat Research Team Leader at Palo Alto Networks, with over a decade of experience. Frank previously worked at RSA Security, F5 Networks, and Cybereason. His core roles include researching emerging threats, reverse-engineering malware, threat hunting, and threat intelligence. Frank has a BSc degree in information systems.

Tom Fakterman is a Senior Threat Researcher at Palo Alto Networks. In his day-to-day work, Tom focuses on threat hunting, malware research, and threat intelligence. Tom has a decade of experience, mostly focused on incident response and malware analysis.