Drop It Like It’s Qbot (Red Canary Remix): Detecting initial execution earlier with OSINT
This webinar is about leveraging open source intelligence to track and help detect rapidly-changing initial execution techniques used by adversaries. While Qbot itself is not currently a prevalent threat, thanks to its takedown in late August 2023, adversaries continue to develop new ways to download and run a variety of malicious payloads on victim endpoints.
On-Demand
45 mins.
Virtual
Detecting malicious execution early can reduce or eliminate the risk of follow-on activity, but frequent changes to malicious downloaders make early detection more difficult for defenders. Fortunately, there are analysts and researchers dedicated to tracking such changes and sharing them with the security community almost as quickly as they happen.
In this webinar, you’ll be given specific open-source intelligence resources you can use to stay up-to-date as threats continue to change and develop. You’ll also be armed with detection opportunities to help detect loaders delivering malicious payloads.
This version of the talk digs into recently seen malicious downloaders and features a reworked slide deck, new content, and up-to-date behavioral and atomic indicators for initial execution detection.