SLEUTHCON 2024: A Deep Dive into Cybercrime and Financially-Motivated Threats

SLEUTHCON is a premier in-person and virtual event in the DC area, focusing on cybercrime and financially-motivated threats. The conference brings together cybersecurity researchers, defenders, academics, law enforcement officials, and industry stakeholders.

Featured Speakers:

  • John Hultquist (Opening Remarks)
  • Paul Melson (Capital One, Keynote)
  • Allie Bohan (FTI Consulting)
  • Ben Coon (Unit 221b)
  • Charlie Cullen (CrowdStrike)
  • Alex D. (SentinelOne)
  • Simeon Kakpovi (Microsoft)
  • Allan Liska (Recorded Future)
  • Sal Melki (National Crime Agency)
  • Dr. Aleksandar Milenkoski (SentinelOne)
  • Allison Nixon (Unit 221B)
  • Zach Riddle (Google)
  • Daniel Schwalbe (DomainTools)
  • Thibault Seret (Team Cymru)

You Should Know: Practical Cybersecurity Commands & Techniques

1. Threat Intelligence Gathering

Use OSINT tools to track financially-motivated cyber threats:

```bash
whois example.com
dig +short example.com
theHarvester -d example.com -l 500 -b google
```

2. Malware Analysis (Linux)

Analyze suspicious files with `strings` (static, does not execute the sample) and `strace` (dynamic, executes the sample, so run it only inside an isolated analysis VM):

```bash
# -E enables extended regex; with plain grep the "|" would be matched literally
strings malware.bin | grep -Ei "http|ftp|ip"
# follows child processes; this runs the binary, so only do it in a sandbox
strace -f ./malware.bin
```

3. Network Forensics

Capture and analyze traffic with `tcpdump`:

```bash
tcpdump -i eth0 -w capture.pcap
tcpdump -r capture.pcap 'port 443'
```

4. Ransomware Defense (Windows)

Check for processes that have consumed an unusual amount of CPU time:

```powershell
# CPU is the total processor seconds a process has used, not a percentage
Get-Process | Where-Object { $_.CPU -gt 90 }
```

5. Log Analysis

Extract failed login attempts from `/var/log/auth.log`:

```bash
# prints date, time and the source address; the address is the field after "from",
# which sits at a different position for "invalid user" lines
grep "Failed password" /var/log/auth.log | awk '{for(i=1;i<=NF;i++) if($i=="from") print $1,$2,$3,$(i+1)}'
```
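The same extraction carried through in Python, as an added example that is not part of the original post: it parses both `Failed password` line variants from a few constructed auth.log lines, counts failures per source address, and flags sources that exceed a threshold (the threshold of 3 is an assumed value).

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in the classic /var/log/auth.log (syslog) format.
SAMPLE_AUTH_LOG = """\
Mar 10 08:01:12 host1 sshd[2211]: Failed password for invalid user admin from 198.51.100.7 port 51234 ssh2
Mar 10 08:01:15 host1 sshd[2211]: Failed password for invalid user admin from 198.51.100.7 port 51236 ssh2
Mar 10 08:01:19 host1 sshd[2213]: Failed password for root from 198.51.100.7 port 51240 ssh2
Mar 10 08:02:03 host1 sshd[2220]: Failed password for alice from 203.0.113.45 port 40022 ssh2
Mar 10 08:02:40 host1 sshd[2225]: Accepted password for alice from 203.0.113.45 port 40023 ssh2
Mar 10 08:03:01 host1 CRON[2230]: pam_unix(cron:session): session opened for user root by (uid=0)
"""

# Matches "Failed password for <user> from <ip>" and
# "Failed password for invalid user <user> from <ip>".
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<ip>[\d.]+) port \d+"
)

def parse_failed_logins(log_text):
    """Return one dict per failed SSH password attempt."""
    events = []
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            events.append({
                "ts": m.group("ts"),
                "user": m.group("user"),
                "invalid_user": m.group("invalid") is not None,
                "ip": m.group("ip"),
            })
    return events

def failures_by_source(events):
    """Count failed attempts per source IP."""
    return Counter(e["ip"] for e in events)

def suspected_brute_force(events, threshold=3):
    """Source IPs at or above the threshold, with the usernames each one tried (threshold is an assumed value)."""
    users = defaultdict(set)
    for e in events:
        users[e["ip"]].add(e["user"])
    return {ip: sorted(users[ip]) for ip, n in failures_by_source(events).items() if n >= threshold}

if __name__ == "__main__":
    ev = parse_failed_logins(SAMPLE_AUTH_LOG)
    for ip, n in failures_by_source(ev).most_common():
        print(f"{ip}: {n} failed logins")
    print("suspected brute force:", suspected_brute_force(ev))
```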

6. Memory Forensics (Volatility)

Analyze processes and network artifacts in a memory image:

```bash
# Volatility 2: set --profile to the value reported by "volatility -f memory.dmp imageinfo"
volatility -f memory.dmp --profile=<PROFILE> pslist
volatility -f memory.dmp --profile=<PROFILE> netscan
# Volatility 3 equivalents: vol -f memory.dmp windows.pslist / windows.netscan
```

7. Incident Response

Block a known-malicious address on a compromised host:

```bash
# the INPUT rule alone only stops inbound traffic; add OUTPUT so the host cannot reach the address either
iptables -A INPUT -s <MALICIOUS_IP> -j DROP
iptables -A OUTPUT -d <MALICIOUS_IP> -j DROP
```

What Undercode Says

SLEUTHCON 2024 highlights the growing sophistication of cybercrime. Key takeaways include:
– Threat actors increasingly target financial systems.
– Memory forensics is critical for detecting fileless malware.
– Automated threat hunting (e.g., SIEM + YARA rules) reduces response time.

Prediction: AI-driven threat detection will dominate cybersecurity by 2026, but human expertise remains irreplaceable.

Expected Output:

Sample output from the `theHarvester` command:

```
[*] Searching Google for example.com:
[*] No emails found.
[*] Hosts found:
203.0.113.45
```

Sample output from `Get-Process`:

```
Handles NPM(K) PM(K) WS(K) CPU(s) Id   SI ProcessName
789     45     56789 67890 4.56   1234 1  malware.exe
```

Reported By: Mthomasson Its – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅