Using AWS’s API software developer’s kit or its command line interface, customers can write their own tools for imaging disk instances that have been compromised, say Andrew Krug and Alex McCormack. The pair if researchers presented four tools at Black Hat 2016 that they wrote specifically to deal with incident response in AWS.
One of the most popular models for analyzing cyberattacks doesn’t focus enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas.
A spear phishing tool to automate the creation of phony tweets - complete with malicious URLs – with messages victims are likely to click on will be released at Black Hat by researchers from ZeroFOX. Called SNAP_R (for social network automated phisher with reconnaissance), the tool runs through a target Twitter account to gather data on what topics seem to interest the subscriber. Then it writes a tweet loaded up with a link to a site containing malware and sends it.