Brent Shaw
Brent Shaw began his career in audio engineering, working on real-time distributed audio control systems before transitioning into the world of cybersecurity. His early focus on Industrial Control System (ICS) security introduced him to the complexities of SCADA and PLC environments, where he developed expertise in protecting critical infrastructure.
Today, Brent works as a cybersecurity researcher with a strong emphasis on security automation. His interests span a wide range of cutting-edge topics, from breaching air-gapped networks to unconventional techniques like ultrasonic mole detection. Brent’s work combines deep technical knowledge with a passion for exploring the boundaries of security in both traditional and emerging domains.
Session
Mobile malware is no longer a fringe concern—it’s a fast-evolving threat that quietly compromises users across the globe. This session dives into two years of malware investigations, revealing how attackers exploit social engineering and impersonate trusted Android apps to gain full control of devices. Through a case study, we expose the inner workings of a repackaged RAT campaign and the critical phases of its attack: Delivery, Enablement, and Exploitation.
Attendees will gain insight into how threat actors manipulate Android Accessibility Services, bypass user defences, and adapt their tactics in response to improved detection. While not directly targeting South African institutions, the campaign’s techniques pose real risks to financial applications and user privacy. This talk offers insights into mobile malware campaigns and highlights the urgent need for collaboration, education, and smarter defences in the mobile threat landscape.