Mimic: The ransomware exploiting Windows search
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreAt Black Hat MEA 2023, Mohamed Samy (Senior Information Security Consultant at IOActive) introduced Project C-Shell – a unique infrastructure that integrates AI and blockchain technologies, enabling it to circumvent antivirus and Endpoint Detection and Response (EDR) systems.
With a remote control mechanism facilitated by Blockchain SmartContract tech and more, the system has numerous potential use cases – from managing servers and client operating systems remotely, to working as a stager payload for ethical hackers to use in red-teaming operations.
We asked Samy about the new dimensions that Web3 adds to cybersecurity – and what he gained at #BHMEA23.
“Web3 introduces a decentralised architecture to the digital world, significantly impacting cybersecurity by shifting how we approach data privacy, ownership, and security. It emphasises user sovereignty and blockchain technology, which, while presenting new security challenges, also offers innovative solutions for authentication, transparency, and resistance against common cyber threats.
“The development of Web3 compels cybersecurity professionals to adapt to a landscape where trust is distributed, and security is integral to the infrastructure – not just an afterthought.”
“Project C-Shell was inspired by the need to create a more resilient and adaptive cybersecurity framework that can keep pace with rapidly evolving digital threats.
“The Project aims to demonstrate the potential real-life security impact of integrating a C# dynamic execution environment with generative AI coding capabilities and being anonymously controlled through the Blockchain’s SmartContracts provided by the Web3 ecosystems.”
“Open-source projects are vital to advancing cybersecurity tools and practices. They foster a culture of collaboration and knowledge sharing that accelerates innovation and the development of robust, tested solutions.
“Open-source projects enable security professionals to scrutinise and improve code quality, ensuring vulnerabilities are identified and addressed swiftly. Moreover, they democratise access to advanced tools, allowing organisations of all sizes to benefit from cutting-edge security technologies.
“In essence, the open-source model is a catalyst for continuous improvement and community-driven advancements in cybersecurity.”
“I wish everyone understood that cybersecurity is not just a technical issue but a fundamental aspect of our digital lives that requires active participation from everyone.
“Every individual has a role to play in maintaining cybersecurity hygiene, from using strong, unique passwords to being aware of phishing tactics. It's crucial to understand that the security of digital systems is interconnected; a vulnerability in one area can compromise the entire network.
“Awareness, education, and proactive behaviour are key to creating a safer digital environment for all.”
“Attending Black Hat MEA 2023 was an enriching experience that provided me with invaluable insights into the latest cybersecurity threats and innovations.
“It was an opportunity to connect with fellow professionals, share knowledge, and learn from real-world case studies.
“The sessions and workshops offered deep dives into cutting-edge research and emerging technologies, enhancing my understanding of the landscape and sparking ideas for future projects.
“And the event underscored the importance of community and collaboration in tackling cybersecurity challenges, reinforcing my belief in open-source projects and collective efforts to advance the field.”
Thanks to Mohamed Samy at IOActive. Do you want to immerse yourself in the global Black Hat MEA community? Join us for the 2024 event.
Join the newsletter to receive the latest updates in your inbox.
Discover an emerging ransomware family that’s using a legitimate Windows search tool to locate victims’ files before encrypting them.
Read MoreWhat are non-human identities (NHIs) and why are they driving a paradigm shift in identity security?
Read MoreNew research shows that a growing number of organisations view cybersecurity as a strategic priority.
Read More