Irena Damsky Relatore

@DamskyIrena (as you might have seen her on Twitter) is the founder of and a freelance Israeli security and intelligence researcher with a disturbing affection to cats and unicorns. In the past she was the VP Research for ThreatSTOP, used to work for Check Point, reached a rank of Captain (now in reserve) in the Israeli Defense forces and even managed to earn both an Bsc and Msc in computer science.
  • Detecting Phishing from pDNS Passive DNS (pDNS) have been utilized by threat researchers for several years and allow us to gather information on domain usage worldwide. Since data fidelity varies depending upon the scope, timeline, and vantage point of sensor networks, pDNS visibility provides a multitude of different and exciting results for analysts to review. In this presentation we will quickly recap DNS and pDNS, review different approaches to detecting phishing using pDNS and focus on demonstrating different heuristics and operational procedures that can help increase actual detection while minimizing false positives. - 15:15/16:00, 26 May 2018