Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
תוכן מסופק על ידי Mandiant. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Mandiant או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לState of the Hack
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
S1E06: Black Hat USA 2018 Edition
סדרה בארכיון ("עדכון לא פעיל" status)
When?
This feed was archived on February 26, 2024 18:55 (
Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 290580699 series 2915100
תוכן מסופק על ידי Mandiant. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Mandiant או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
“FIN7”: It’s a matter of “when, not if” for organizations and
breaches, and the same goes for criminals and getting caught. The U.S.
District Attorney’s Office for the Western District of Washington
recently unsealed indictments and announced the arrests of three
leaders in a criminal organization we have tracked since 2015 as FIN7.
Referred to by many vendors as “Carbanak Group” (although we don’t
attribute all usage of the CARBANAK backdoor with the group), FIN7 is
well-known for the technical innovation, social engineering ingenuity,
and other creativity that has fueled their success. We open up this
episode by talking about all things FIN7, including their tools, their
tactics, techniques and procedures (TTPs), and some of the ways FIN7
activity changed following arrests made as far back as January.
• On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global
Criminal Operation
• To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for
Persistence
• FIN7 Evolution and the Phishing LNK
• FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC
Filings
• Tracking a Cyber Crime Group: FIN7 at a Glance
“Special Guest Katie Nickels (@likethecoins)”: Katie Nickels attended
a liberal arts school and intended to get into journalism, but instead
she took on a researcher role and the rest is history. Now Katie is
the Lead Cyber Security Engineer at MITRE. MITRE is a not-for-profit
that operates federally funded research and development centers
(FFRDC) responsible for R&D that helps the U.S. government. Katie
specializes in cyber threat intelligence and how it can improve
network defenses. Part of that involves applying threat intelligence
to ATT&CK, a knowledge base of real-world attacker tactics, techniques
and procedures (TTPs) that is used to assist analysts. Very cool
stuff! During our chat, Katie talked about how her team processes new
intel as it’s made public (she said she was really excited about our
latest FIN7 blog post – thanks Katie!), and about a new ATT&CK
philosophy paper MITRE recently released that describes the
collaborative process of incorporating new TTPs. We also talked about
PRE-ATT&CK, which focuses on what threat actors do to prepare for an
attack, such as reconnaissance and weaponizing.
“Special Guest Matt Graeber (@mattifestation)”: Early in Matt
Graeber’s professional life he was a rock climbing instructor, but
then he joined the Navy and that decision kicked off his journey into
the wonderful world of InfoSec. Matt is now a security Researcher at
SpecterOps, a company that provides adversary-focused solutions to
help organizations better defend themselves against the types of
attacks we see every day. At SpecterOps, Matt specializes in reverse
engineering and advancement of attacker tradecraft and detection.
Prior to SpecterOps, Matt did a stint with FireEye on a team that
would go on to become our FLARE unit, so of course we took a moment to
go down memory lane. Some of the other topics we covered include
PowerShell, Matt’s “Subverting Sysmon” Black Hat USA 2018 talk, and
the things that Matt will do in the name of a good cause.
“Special Guest Sean Metcalf (@Pyrotek)”: Sean Metcalf is a trailblazer
in the InfoSec field who is most well-known for his expertise in
Active Directory security. He’s given talks on the topic at several
security conferences, including Black Hat USA, DEF CON, DerbyCon and
BSides. Fun fact about Sean: he is one of roughly 100 Microsoft
Certified Masters (MCMs) in Directory Services in the world. Active
Directory security plays a huge part in his current role as Founder
and Chief Technology Officer of Trimarc Security. Trimarc is a company
that protects organizations primarily through the security of Active
Director
39 פרקים
שתפו
סדרה בארכיון ("עדכון לא פעיל" status)
When?
This feed was archived on February 26, 2024 18:55 (
Why? עדכון לא פעיל status. השרתים שלנו לא הצליחו לאחזר פודקאסט חוקי לזמן ממושך.
What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.
Manage episode 290580699 series 2915100
תוכן מסופק על ידי Mandiant. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Mandiant או שותף פלטפורמת הפודקאסט שלו. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
“FIN7”: It’s a matter of “when, not if” for organizations and
breaches, and the same goes for criminals and getting caught. The U.S.
District Attorney’s Office for the Western District of Washington
recently unsealed indictments and announced the arrests of three
leaders in a criminal organization we have tracked since 2015 as FIN7.
Referred to by many vendors as “Carbanak Group” (although we don’t
attribute all usage of the CARBANAK backdoor with the group), FIN7 is
well-known for the technical innovation, social engineering ingenuity,
and other creativity that has fueled their success. We open up this
episode by talking about all things FIN7, including their tools, their
tactics, techniques and procedures (TTPs), and some of the ways FIN7
activity changed following arrests made as far back as January.
• On the Hunt for FIN7: Pursuing an Enigmatic and Evasive Global
Criminal Operation
• To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for
Persistence
• FIN7 Evolution and the Phishing LNK
• FIN7 Spear Phishing Campaign Targets Personnel Involved in SEC
Filings
• Tracking a Cyber Crime Group: FIN7 at a Glance
“Special Guest Katie Nickels (@likethecoins)”: Katie Nickels attended
a liberal arts school and intended to get into journalism, but instead
she took on a researcher role and the rest is history. Now Katie is
the Lead Cyber Security Engineer at MITRE. MITRE is a not-for-profit
that operates federally funded research and development centers
(FFRDC) responsible for R&D that helps the U.S. government. Katie
specializes in cyber threat intelligence and how it can improve
network defenses. Part of that involves applying threat intelligence
to ATT&CK, a knowledge base of real-world attacker tactics, techniques
and procedures (TTPs) that is used to assist analysts. Very cool
stuff! During our chat, Katie talked about how her team processes new
intel as it’s made public (she said she was really excited about our
latest FIN7 blog post – thanks Katie!), and about a new ATT&CK
philosophy paper MITRE recently released that describes the
collaborative process of incorporating new TTPs. We also talked about
PRE-ATT&CK, which focuses on what threat actors do to prepare for an
attack, such as reconnaissance and weaponizing.
“Special Guest Matt Graeber (@mattifestation)”: Early in Matt
Graeber’s professional life he was a rock climbing instructor, but
then he joined the Navy and that decision kicked off his journey into
the wonderful world of InfoSec. Matt is now a security Researcher at
SpecterOps, a company that provides adversary-focused solutions to
help organizations better defend themselves against the types of
attacks we see every day. At SpecterOps, Matt specializes in reverse
engineering and advancement of attacker tradecraft and detection.
Prior to SpecterOps, Matt did a stint with FireEye on a team that
would go on to become our FLARE unit, so of course we took a moment to
go down memory lane. Some of the other topics we covered include
PowerShell, Matt’s “Subverting Sysmon” Black Hat USA 2018 talk, and
the things that Matt will do in the name of a good cause.
“Special Guest Sean Metcalf (@Pyrotek)”: Sean Metcalf is a trailblazer
in the InfoSec field who is most well-known for his expertise in
Active Directory security. He’s given talks on the topic at several
security conferences, including Black Hat USA, DEF CON, DerbyCon and
BSides. Fun fact about Sean: he is one of roughly 100 Microsoft
Certified Masters (MCMs) in Directory Services in the world. Active
Directory security plays a huge part in his current role as Founder
and Chief Technology Officer of Trimarc Security. Trimarc is a company
that protects organizations primarily through the security of Active
Director
39 פרקים
כל הפרקים
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לState of the Hack
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
We help founders make something people want.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Monday through Friday, Marketplace demystifies the digital economy in less than 10 minutes. We look past the hype and ask tough questions about an industry that’s constantly changing.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
