Black Hat Webinar: Chasing A Ghost: A PXA Stealer Story
Francisco Donoso, Chief Product and Technology Officer, and Bobby Venal, Principal Security Researcher, from Beazley Security, present a two-part, story-driven deep dive into the deception-rich attack chain behind a new infostealer dubbed PXA Stealer. In part one, they’ll walk through how the Beazley Security Labs, SentinelLabs, and Beazley Security’s MXDR teams detected and halted an in-progress campaign that was explicitly engineered to mislead both end users and the analysts examining it. They'll start with a fairly well-known code-loading trick and work through to the multiple layers of misdirection designed to mask intent and origin.
Part two reveals an unexpected twist uncovered during analysis: operational mistakes by the actor themselves opened a window into their infrastructure, tooling, and practices. Attendees can expect to see how gaps in the attacker’s tradecraft and operational security enabled additional insight into their operations.
Speakers:
Francisco Donoso, Chief Product and Technology Officer, Beazley Security
Francisco Donoso is the Chief Product & Technology Officer at Beazley Security, where he leads technology and product strategy. With a career spanning some of the world’s leading Managed Security Service Providers (MSSPs), Francisco has responded to major global cyber security incidents, gaining deep expertise in threat response.
His focus is on making information security both practical and efficient, with an emphasis on security automation. Francisco is recognized for his research into advanced cyber threats, including the Equation Group's tools, following their exposure by the Shadow Brokers. He has spoken at prominent conferences including DerbyCon, Microsoft BlueHat, BSides, and Thotcon.
Bobby Venal, Principal Security Researcher, Beazley Security
Bobby Venal has been a Principal Security Researcher at Beazley Security since February 2024, focusing on the integration of advanced cyber security capabilities and risk mitigation. Previously, Bobby served as a Senior Research Scientist and Malware Researcher at FireEye, Inc. from September 2015 to January 2024, and as a Malware Reverse Engineer at OnPoint from March 2013 to August 2015, specializing in malware analysis and reverse engineering. Prior experience includes roles as a Network Security Engineer at Trustwave, where Bobby managed network security for a vast customer base, and as a PAS Java at SESC, conducting enterprise Java bug hunting and network forensic analysis. Bobby's career began in data management as a Tape Operator at OAOT. Bobby holds a BA in Mathematics from the University of Northern Colorado and attended the Illinois Institute of Technology.