My Talks

Forbes - 30 Under 30 (Hebrew):

A researcher who helps doctors diagnose patients with artificial intelligence, and three companies that have led mass protests against violence against women - these are just three examples of the groundbreaking young people who make up the 2019 cycle of our 30Under30 project.

CodeBlue Japan - CoinMiner are Evasive by Thomas Roccia and Omri Moyal:

CoinMiners are on the rise, trending so high that in the last couple of month they almost completely replaced ransomware in both media and the research community. Unlike ransomware which profit from rapid encryption of user’s data taken hostage, CoinMiners profit comes from high jacking computer resources. As long as the CoinMiner stays undetected and stealth, the higher its author profit. \nIn this talk we will focus on the unexplored territory of CoinMiner evasive maneuver and functionality to avoid getting found by its victims and provide tactics and tools to combat them.

protegermipc - MalScanBot allows you to scan malware in files from Telegram (Spanish):

There are different well-known services that allow us to analyze a file in search of viruses, also URLs (addresses of websites) or even hashes. Now, we can even scan files for malware from the popular Telegram messaging application and the MalScanBot bot.

Intezer - New! API for Intezer Analyze Community:

MalScanBot, created by Omri Moyal, and integrates with Intezer Analyze to provide a convenient chat-based malware analysis. We encourage you to write your own plugins with your preferred tools, and to publish them for the benefit of the security community.

Haaretz - The little twist that turned a simple hacker attack into a particularly dangerous one (Hebrew):

A North American Chamber of Commerce has become a target for criminals who have tried to infiltrate a Trojan horse into corporate computers; Their method proved that sometimes the technique can be much more important than technology.

VirusBay - a “why” article by Ido Naor

How to build a community of thousands of incredible malware researchers.

Intezer - MalScanBot:

MalScanBot is an initiative by Omri Moyal (@GelosSnake), to scan malware in Telegram bot. It’s possible to get Intezer’s detection through this interface.

DEF CON Groups 9723:

Irena Damsky & Omri Moyal’s ‘Stories From The Dark Side Of Managing A Security Research Department In A Start-Up’

BleepingComputer - GhostMiner:

GhostMiner Uses Fileless Techniques, Removes Other Miners, But Makes Only $200.

TechRepublic - GhostMiner:

Fileless cryptomining malware has code that kills itself and other strains.

malware.dontneedcoffee.com:

CVE-2018-4878 (Flash Player up to 28.0.0.137) and Exploit Kits

SC Magazine - WaterMiner:

Modified video games on Russian forum tainted with WaterMiner cryptominer.

BleepingComputer - WaterMiner:

Malware Author Can’t Keep His Mouth Shut on Social Media.

ThreatPost - WaterMiner (Russian):

КИБЕРПРЕСТУПНИК ВНЕДРИЛ МАЙНЕР ВАЛЮТЫ MONERO В МОД ДЛЯ GTA

SC Magazine - Playing Defence:

Nuclear Posture Review allows nuclear response to cyber.

CyberSecurityTrend - Invisible Malware:

The Evasive Threat Is Now Mainstream

DarkReading - Meet Some Of The Emerging Israeli Cybersecurity Firms:

Minerva Labs brings a new paradigm to malware detection by preventing malware execution by using the malware’s strengths against it.

SC Media - Playing Defense:

While going nuclear in response to a cyberattack might be a good sound bite, cyber execs say building a stronger defense is a smarter path.

TechTarget - Vendors selling into health IT market talk tech to HIT Squad:

A recent health IT conference was a forum for health IT and cybersecurity vendors to reach healthcare organizations and potential customers; the HIT Squad talks with the vendors.

SecurityWeek - Bot vs Bot in Never-Ending Cycle of Improving Artificial intelligence:

Artificial intelligence, usually in the form of machine learning (ML), is infosecurity’s current buzz. Many consider it will be the savior of the internet, able to defeat hackers and malware by learning and responding to their behavior in all-but real time. But others counsel caution: it is a great aid; but not a silver bullet.

Globes - Cyber security co Minerva raises $7.5m:

Israeli cyber security startup Minerva today announced a $7.5 million financing round led by Amplify Partners.

HB Litigation Conferences:

Omri Moyal, is speaking on the ‘Cloud & Data Storage’ session at the upcoming NetDiligence Cyber Risk & Privacy Liability Forum.

SANS - Evasive malware is everywhere:

\nIn the world of cyber security there is no time to waste. Zero day vulnerabilities and critical alerts keep security professionals busy around the clock, and the sense of urgency never fades. Security professionals struggle with securing their network, deploying a vast array of cyber security tools. But, instead of relieving their stress, every new tool creates another constant stream of alerts, often wasting the security teams time and increasing their frustration. This Tool Talk will demonstrate the capabilities of the attacker, the five minute process to create zero day malware which eludes known security defenses, and an approach that prioritizes prevention of malware without the need to detect it first.

BrightTalk - NotPetya: Ransomware Or a Cyber Attack in Disguise:

The major ransomware attack that spread across the world in late June struck large pharmaceutical companies, Chernobyl radiation detection systems, the Kiev metro, an airport, banks, hospitals and government agencies. Was this a financially motivated cyber attack or something more sinister? Is the worst over or is there more to come?

Forbes - Israel Cyber-Tech Startup Minerva Labs Say Prevention Without Detection Is Possible:

A moment of clarity can make the difference between a serial award winning startup and just another hardworking collection of coders, it seems.

CSO - Surviving ransomware by keeping things simple:

One administrator shares his war stories for surviving ransomware attacks.

BleepingComputer - We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities:

Security researchers are seeing an ever-increasing number of suspicious file samples that are experimenting with the Meltdown and Spectre vulnerabilities.

Times of Israel - After ransomware attack, focus turns to backup and prevention services:

Cybersecurity experts say the best way to counter an infection is to be prepared and have backup systems in place.

SANS - Evasive malware is everywhere: Learn how it works and how to prevent it:

Techworm - Main ISIS forum promote ‘How To Hack’ Tutorials Online:

The new online course offered by main ISIS noobs is based on Kali Linux.

Ynet - From Israel to Singapore, The Local cyber Companies Distributing in the world (Hebrew):

Vocativ - Israelis Mock Anonymous’ #OpIsrael Hacking Campaign:

The hacking collective known as Anonymous launched its fourth annual #OpIsrael campaign on Thursday to wage cyberattacks against Israel. But Israelis active on Twitter were quick to mock the effort, and make fun of life in their own country.

PC.co.il - Minerva Wins QPrize by Qualcomm Ventures

GeekTime - Minerva Labs wins hub:raum’s cyber security competition in Berlin:

This fast rising preventative cyber security startup just won its second competition in a week

GeekTime - Israeli Minerva Labs wins CyBox cyber security competition with preventative solution:

Rather than just identify and deal with cyber attackers, Israeli Minerva Labs tries to prevent them from entering systems entirely.

ClearSky - Thamar Reservoir:

An Iranian cyber-attack campaign against targets in the Middle East.

Geektime - First OSX push update (Hebrew):

Apple on Monday pushed out an update addressing a critical security issue for OS X concerning a vulnerability discovered in the Network Time Protocol service, affecting Mac users running OS X Yosemite, Mavericks and Mountain Lion.

Forbes - Minerva Labs:

End-Point Protection, Deception

Radio Haifa - DUQU 2.0 (Hebrew):

Discussing the latest headlines of spying against Iran nuclear talks.

GeekTime/ISOC IL - End-Users, the weakest link (Hebrew):

Despite modern enterprise security products and procedures, End-Users are still the most targeted. Presenting a few guidelines to prevent user’s takeover.

Radio Haifa - Korea Versus Sony (Hebrew):

Short interview with Yosi Mizrahi at 107.5FM on the latest Korea Versus Sony fiasco.

SecurityAffairs - Clearsky detected Gholee malware – The Israel-Gaza Conflict Takes to the Cyber-Arena:

Experts at Clearsky detected the Gholee virus which was likely developed by highly qualified factors, which may even be related to Israel’s long-time nemesis Iran.