Great Ideas

Join us on December 2nd at 14:00 GMT. 

Register for free here:  

GReAT Ideas is coming back this winter with more cyberthreat research and top-notch expertise, alongside light-hearted talks on the latest developments in the field of cybersecurity, shared in a cozy informal atmosphere. Executed by security researchers from Kaspersky’s Global Research and Analysis Team (GReAT), who specialize in uncovering APTs, cyber-espionage campaigns, major malware and underground cyber-criminal trends across the world, the event is designed to exchange knowledge, support and inspire the community. 


We listened to your feedback and have upgraded GReAT Ideas. On December 2, we will kick off with a fireside chat about recent cyber-incidents that shook the world. The special Baguette edition (a name suggested by our speakers) of the event will feature presentations by our Paris-based GReAT team – as, we all need a bit of French charm in our lives. 


Join us on December 2nd at 14:00 GMT. 

Register for free here:  

Mercenaries’ tricks: what did DeathStalker hide between two ferns?

DeathStalker is a supposed hacker-for-hire group active since at least 2012, which leverages multiple strains of malicious tools such as Janicab, Powersing and Evilnum. Kaspersky exposed most of its activities up to May 2020 in a blogpost on Securelist, and introduced the actor during a previous GReAT Ideas event. In this talk we will focus on its most recent malware and delivery chain, dubbed PowerPepper, and describe the tricks used to operate a backdoor on targets’ computers, from Windows commands obfuscation to DNS over HTTPS, passing by steganography between two ferns. 

A primer on reversing Delphi binaries

While the Delphi language isn’t as prevalent as it used to be, malware analysts are still liable to find the occasional Delphi malware here and there. This presentation will introduce the basics of reverse engineering Delphi applications, with practical examples based on samples from the Bahamut threat actor. 

TinyCheck: bug smartphone spyware at network level

How can you quickly analyze communications of a smartphone to check whether it has been compromised by spyware? It is this question that a new open source project, called TinyCheck, is trying to answer. Initially developed to detect stalkerware on smartphones for NGOs working in the field of domestic violence, this GReAT project can be used to easily tap any Wi-Fi device, anywhere. By using extended IOCs and heuristics, it allows you to check for possible compromise by spyware. 


14:00 What’s on: fireside chat with a surprise speaker and Brian Bartholomew from Kaspersky

14:30 Mercenaries’ tricks: what did DeathStalker hide between two ferns? by Pierre Delcher

14:45 A primer on reversing Delphi binaries by Ivan Kwiatkowski

15:05 TinyCheck: bug smartphone spyware at network level by Felix Aime

15:25 AMA

We use cookies to make your experience of our websites better. By using and further navigating this website you accept that some of your browsing activity can be recorded in cookies. Detailed information about the use of cookies on this website is available by clicking on more information.