Jump to navigation Jump to content

Speaker

Juho Jauhiainen

Juho Jauhiainen

DFIR @ Accenture

Helsinki, Finland

Actions

Juho works for Accenture as RITA Lead for EMEA. RITA (Rapid Intelligence & Tactical Analysis) is responsible for analyzing and tracking the threat intelligence and malware collected during Digital Forensics & Incident Response (DFIR) engagements. In addition to his current role, he has over 10 years of experience in DFIR and malware analysis for a variety of private and public sector organizations, including The National Cyber Security Centre Finland (NCSC-FI). Juho is the holder of CISSP, GSP, OSCP and other acronyms.

Links

Area of Expertise

  • Business & Management
  • Government, Social Sector & Education
  • Information & Communications Technology

Topics

  • cybercrime
  • Cyberthreats
  • Ransomware
  • dfir
  • Reverse Engineering
  • malware analysis
  • cyber security

Sessions

Weaponized Open-Source Applications: Real-Life Cyberattack Scenarios

An analysis of one case, together with an analysis of other similar campaigns identified that use malicious advertisements to distribute weaponised open-source software. A walkthrough of one case from start to finish: how the malware was distributed, how the malware worked, what indicators were found by the malware analysis, and what was the motive of the threat actor?

I like to MOVEit MOVEit

Accenture Global Cyber Response team will review findings of cases where the cl0p ransomware group stole data from several organizations using vulnerabilities in Managed File Transfer (MFT) services. The presentation will focus on the MOVEit MFT related SQLi vulnerability, which was disclosed in May 2023. Before public disclosure, cl0p was already actively exploiting the vulnerability. By exploiting the vulnerability, cl0p gained access to the MFT application and exfiltrated all data stored in the application. This presentation presents the activities of the ransomware group, a timeline from reconnaissance to exfiltration, and an analysis of the backdoor used by the attacker. Global Cyber Response team will use investigation notes from real incident response investigations and make recommendations for organizations using MFT applications to minimize the risk in the future.

Flubot - Pandemic in our pockets

Flubot banking malware has been tormenting Android users phones in the past year. In fall 2021, Flubot adopted DNS over HTTPS C2 infrastructure and hit Finland and some other countries very hard. This technical presentation will go through how Flubot works, what capabilities the current version of the malware has, and how we can fight it!

Events

Security BSides Sofia 2025 Sessionize Event

March 2025 Sofia, Bulgaria

Security BSides Dublin 2024 Sessionize Event

May 2024 Dublin, Ireland

Security BSides Dublin 2022 Sessionize Event

March 2022 Dublin, Ireland

Juho Jauhiainen

DFIR @ Accenture

Helsinki, Finland

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top