DarkGate: Hunting the Threat and Exposing Its Infrastructure
Ekoparty Security Conference via YouTube
Overview
Explore a comprehensive cybersecurity conference talk from Ekoparty 2024 that delves into confronting the DarkGate threat through advanced threat intelligence techniques. Learn detailed analysis of DarkGate's tactics, techniques, and procedures (TTPs) while examining recent attack cases to understand its evolution and adaptability. Master key concepts including computable Indicators of Compromise (IoCs), atomic and behavioral indicators, and data pivoting, all contextualized within the Pyramid of Pain framework. Gain practical experience in infrastructure hunting, a growing cybersecurity practice, through hands-on examples that demonstrate how to identify malicious infrastructures before they appear in existing intelligence feeds. Apply this knowledge through a practical DarkGate case study, learning to detect and neutralize malicious activities using implementable detection rules. Discover a set of effective Sigma rules for DarkGate detection and understand how integrating these techniques strengthens organizational resilience against advanced threats.
Syllabus
DarkGate: Hunting the Threat and Exposing Its Infrastructure - Armando Aguilar - Ekoparty 2024
Taught by
Ekoparty Security Conference