BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsideslv24//speaker//VR7S9Q
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsideslv24-LGUTRH@pretalx.com
DTSTART;TZID=PST:20240806T170000
DTEND;TZID=PST:20240806T174500
DESCRIPTION:This presentation shares the findings and lessons learned from 
 an investigation into a pro-Russian hacktivist group\, tentatively called 
 X. Their DDoS attacks have been reported worldwide and have been conducted
  in an organized manner. Since their activities began in March 2022\, both
  the scale and the targets of their attacks have gradually expanded.\n\nWe
  have been tracking the DDoS attacks conducted by X for nearly a year and 
 carrying out "Operation So-seki" to alert and provide knowledge to the tar
 geted organizations. In Operation So-seki\, we obtained a botnet client to
 ol used by X and clarified the mechanism of the command and control (C2). 
 We have automated collecting DDoS target information and analyzed more tha
 n 1\,000 attacks by monitoring botnets and effectively tracking their infr
 astructure using net flow.\n\nIn this presentation\, we will share the fin
 dings through cross-analysis of the above information\, the methods of ana
 lyzing and tracking their infrastructures\, operators behind the X\, their
  tactics techniques and procedures (TTPs)\, DDoS countermeasure techniques
 \, and what we have learned from dealing with DDoS hacktivist groups.
DTSTAMP:20260423T030714Z
LOCATION:Florentine A
SUMMARY:Operation So-seki: You Are a Threat Actor. As Yet You Have No Name.
  - Ryo Minakawa\, Atsushi Kanda\, Kaichi Sameshima
URL:https://pretalx.com/bsideslv24/talk/LGUTRH/
END:VEVENT
END:VCALENDAR