Ladislav Baco is a Senior Security Consultant and Malware Analyst, with more than 10 years of experience in computer security, computer science and education. Currently he leads Research Department at IstroSec cybersecurity company. During his previous employments he worked as the Director of Research and Development at LIFARS and for the Government of EU Country as an analyst in National and Governmental CSIRT Slovakia, with focus on incident response, malware analysis and forensic analysis. Later he also led CSIRT’s Analytical Department and Department of Cyber Threat Analysis.
He also cooperates with multiple Universities in Slovakia on Cyber Security educational program for students and consults their Bachelor and Diploma Theses.
Moreover, Ladislav participated in many of famous Cyber Security Exercises (such as Cyber Europe by Enisa or NATO Locked Shields and Cyber Coalition) and he has hands-on with real APT and targeted attacks, too.
Currently Ladislav is focused mainly on Incident Response, Threat Hunting, Cyber Threat Analysis and Malware Analysis, which includes also his own research of famous malware families as well as APT attacks and new approaches of Cyber Threat Remediation.
He has been also speaker at various cybersecurity conferences and events, for example:
- DEFCON 29 Recon Village
- BlackHat Asia 2021 Arsenal
- DEFCON 28 SafeMode Recon Village
- CyberChess 2019; slides and video
- QuBit Conference and QuBit Academy
- speaker at various CSIRT/CERTs meetings such as TF-CSIRT, CSIRT.CZ and local events
During his engagements and personal research Ladislav has written many reports, whitepapers and case studies related to malware analysis, forensic analysis, threat hunting and other cybersecurity fields. While lot of them are sensitive and cannot be published, some of them are public ones. Here is the list with couple of examples.
- APT Cobalt Strike Campaign targeting Slovakia
- Snatch Ransomware - Malware Analysis Case Study
- XMRig-based CoinMiners by Blue Mockingbird Threat Actor
- Analysis of Dridex, BitPaymer and DoppelPaymer Campaign
- DearCry Ransomware - Malware Analysis and Reverse Engineering
- QUILCLIPPER AutoIt Malware
- Phishing PDF Document Story
- Ursnif and GandCrab campaign with the macro-enabled documents
- (Spear)Phishing test - Case Study
- Fake Purchase Order Document with Remcos RAT
- Malware Analysis and Vulnerability Research - 1000 days bug in Adobe Flash Player
- Monitoring and Incident Response with Fidelis - Remcos Case Study
- Remcos RAT Quick Analysis
- DearCry Ransomware Reverse Engineering
- Protect Yourself During Home Office with Fidelis
- Fidelis Global Threat Hunting Roadshow - Dridex Case Study
- Ryuk Ransomware Takes Control Over Computer Files in a Matter of Seconds
- REvil/Sodinokibi Ransomware Infection and Decryptor